[strongSwan] iOS 6 & Strongswan 5.0.4
Brian Mastenbrook
brian at mastenbrook.net
Tue Jun 25 16:58:21 CEST 2013
Hi Jeremy,
Does this handle rekeying? I found that all iOS and OS X connections dropped after an hour, which is when Apple's IKE wants to rekey. The xauth-noauth plugin works for my case, but it's basically just faking xauth and relying on certificates.
Brian
On Jun 25, 2013, at 7:31 AM, Jeremy Beker <gothmog at confusticate.com> wrote:
> Andy,
>
> I've had an iOs configuration that I have used for a while. I use it to route all traffic through (for when I am on the road at untrusted WiFi) rather than just to get to internal resources. Here is the config I have been using:
>
> conn ios-ikev1
> keyexchange=ikev1
> authby=xauthrsasig
> xauth=server
> left=%defaultroute
> leftsubnet=0.0.0.0/0
> leftfirewall=yes
> leftcert=serverCert.pem
> right=%any
> rightsubnet=192.168.3.0/24
> rightsourceip=192.168.3.0/24
> auto=add
>
> This is using StrongSwan 5.0.4 and the latest iOS (although it has worked for a while).
>
> -Jeremy
>
>
> --
> Jeremy Beker - gothmog at confusticate.com
> http://www.confusticate.com
> Condensing fact from the vapor of nuance.
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
More information about the Users
mailing list