[strongSwan] iOS Config
Chris Arnold
carnold at electrichendrix.com
Thu Mar 21 01:10:56 CET 2013
Am Freitag, 15. März 2013, 18:13:04 schrieb Chris Arnold:
> Trying to get multiple iOS devices connected to strongSwan 4.4.0 on SLES11.
> When trying from iPhone 5 with iOS6, i get vpn did not respond. Nothing
> appears in the charon logs either. I have verified the strongSwan public ip
> is correct. Here is my iOS section of ipsec.conf:
>
> conn iOS
> keyexchange=ikev1
> authby=xauthpsk
> xauth=server
> left=%defaultroute
> leftsubnet=192.168.1.0/24
> right=%any
> rightsourceip=192.168.3.0/24
> pfs=no
> auto=add
>
> ipsec.secrets:
> : PSK "my psk"
>
> I am following this advise:
> http://wiki.strongswan.org/projects/strongswan/wiki/IOS_%28Apple%29
>
> Can someone help with this?
I have the same problem, and upgraded to strongswan 5.0.2 because of that, but
it didn't help either. My thread is "wiki article iOS". Let's see if we can
solve that.
ipsec statusall
000 Status of IKEv1 pluto daemon (strongSwan 4.4.0):
000 interface lo/lo 127.0.0.1:4500
000 interface lo/lo 127.0.0.1:500
000 interface lo/lo 127.0.0.2:4500
000 interface lo/lo 127.0.0.2:500
000 interface eth0/eth0 192.168.1.18:4500
000 interface eth0/eth0 192.168.1.18:500
000 %myid = '%any'
000 loaded plugins: curl ldap aes des sha1 sha2 md5 random x509 pubkey pkcs1 pgp dnskey pem openssl gcrypt hmac gmp attr
000 debug options: none
000 Virtual IP pools (size/online/offline):
000 "iOS": 255/0/0
000
000 "iOS": 192.168.1.0/24===192.168.1.18[192.168.1.18]---192.168.1.1...%any[%any]===%iOS; unrouted; eroute owner: #0
000 "iOS": ike_life: 28800s; ipsec_life: 1200s; rekey_margin: 180s; rekey_fuzz: 100%; keyingtries: 1
000 "iOS": policy: ENCRYPT+TUNNEL+XAUTHPSK+XAUTHSERVER; prio: 24,32; interface: eth0;
000 "iOS": newest ISAKMP SA: #0; newest IPsec SA: #0;
000
Does this look right?
More information about the Users
mailing list