[strongSwan] IKEv2 cisco anyconnect app

Martin Willi martin at strongswan.org
Tue Dec 11 09:34:31 CET 2012

Hi Igor,

> The newest iOS app seems added IPSec and IKEv2 support

Yes, according to the changelog, IKEv2 support was added in the latest
release of Cisco Anyconnect.

> Dec 11 02:00:14 14[ENC] payload type CONFIGURATION was not encrypted

Seems that this client sends a proprietary unencrypted configuration
payload attribute 28728. However, we reject messages with unencrypted
payloads that should be encrypted, hence the connection attempt fails.

> is it possible to make it compatible with Strongswan?

Probably, yes. But, as with other Cisco clients, its EULA does not allow
you to use it against non-Cisco products. Hence there is not much use
for a compatible strongSwan server.


More information about the Users mailing list