[strongSwan] Strongswan + Mac OSX

Claude Tompers claude.tompers at restena.lu
Wed Sep 5 13:34:13 CEST 2012


Things start to become very odd. I've created an Apple profile with the
VPN configuration. I imported it into my Macbook and into my iPhone.
The connection works on the iPhone but does not on the Macbook.
I'm wondering what I'm missing here. For the Macbook, the logs are still
the same as I posted.

kind regards,

On 09/03/2012 03:25 PM, Claude Tompers wrote:
> On 09/03/2012 03:09 PM, Martin Willi wrote:
>>> I just defined the certificate in the Mac interface but did not enter a
>>> username or password.
>> This won't work. If no credentials are given, OS X requests them once
>> XAuth starts. And it sends XAuthInitRSA in all proposals, making plain
>> RSA authentication impossible.
>>> I've just tried that. Except I used rightauth2=xauth-eap which shouldn't
>>> change anything. The log output is exectly the same.
>> I think that should work with 5.0.0, but you might give the latest
>> snapshot [1] a try.
>> Regards
>> Martin
>> [1]http://download.strongswan.org/strongswan-5.0.1dr3.tar.bz2
> Still the same error. One thing that also appears odd, is that I don't
> see a config selection line in the log ( ie: selected peer config
> "RESTENA" ).
> ipsec.conf is now:
> conn RESTENA
>     keyexchange=ikev1
>     rightauth=pubkey
>     rightauth2=xauth-eap
>     rightsourceip=%ikev1
> kind regards,
> Claude
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users

Claude Tompers
Ingénieur réseau et système
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120905/c9cb5b42/attachment.pgp>

More information about the Users mailing list