[strongSwan] Strongswan+Android+Xauth
Tobias Brunner
tobias at strongswan.org
Mon Feb 13 09:33:06 CET 2012
Hi Ingmar,
> On my Xoom I've entered the Server-IP, the IPsec-PSK and the Xauth
> User/PW. When trying to connect, the Ipsec-Connections seems to be
> established but Xauth fails after that. The log shows that the client
> seems to send the wrong password. I've tripple-checked the password
> on the client-side now, and I'm sure it's entered correct, and I
> executed "ipsec rereadsecrets" which showed now errors. Any hints
> where I should start to look?
Unfortunately, there is a bug in the new Android VPN implementation
which causes the XAuth password to be NULL terminated.
This means you have to encode the secret in binary form in
ipsec.secrets. Using your example, the line
> : XAUTH xoom "t3st"
gets
> : XAUTH xoom 0x7433737400
By the way, the above works for strongSwan 4.3.2, but since 4.4.1 the
syntax for XAuth passwords is the same as for other secrets, so in newer
releases you'd have to configure:
> xoom : XAUTH 0x7433737400
Regards,
Tobias
More information about the Users
mailing list