[strongSwan] Strongswan + Mac OSX
Claude Tompers
claude.tompers at restena.lu
Wed Sep 5 13:34:13 CEST 2012
Hi,
Things start to become very odd. I've created an Apple profile with the
VPN configuration. I imported it into my Macbook and into my iPhone.
The connection works on the iPhone but does not on the Macbook.
I'm wondering what I'm missing here. For the Macbook, the logs are still
the same as I posted.
kind regards,
Claude
On 09/03/2012 03:25 PM, Claude Tompers wrote:
> On 09/03/2012 03:09 PM, Martin Willi wrote:
>>> I just defined the certificate in the Mac interface but did not enter a
>>> username or password.
>> This won't work. If no credentials are given, OS X requests them once
>> XAuth starts. And it sends XAuthInitRSA in all proposals, making plain
>> RSA authentication impossible.
>>
>>> I've just tried that. Except I used rightauth2=xauth-eap which shouldn't
>>> change anything. The log output is exectly the same.
>> I think that should work with 5.0.0, but you might give the latest
>> snapshot [1] a try.
>>
>> Regards
>> Martin
>>
>> [1]http://download.strongswan.org/strongswan-5.0.1dr3.tar.bz2
>>
> Still the same error. One thing that also appears odd, is that I don't
> see a config selection line in the log ( ie: selected peer config
> "RESTENA" ).
>
> ipsec.conf is now:
>
> conn RESTENA
> keyexchange=ikev1
> rightauth=pubkey
> rightauth2=xauth-eap
> rightsourceip=%ikev1
>
> kind regards,
> Claude
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
--
Claude Tompers
Ingénieur réseau et système
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
Tel: +352 424409 1
Fax: +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120905/c9cb5b42/attachment.pgp>
More information about the Users
mailing list