[strongSwan] iOS Config
Chris Arnold
carnold at electrichendrix.com
Thu Mar 21 01:46:22 CET 2013
Am Freitag, 15. März 2013, 18:13:04 schrieb Chris Arnold:
> Trying to get multiple iOS devices connected to strongSwan 4.4.0 on SLES11.
> When trying from iPhone 5 with iOS6, i get vpn did not respond. Nothing
> appears in the charon logs either. I have verified the strongSwan public ip
> is correct. Here is my iOS section of ipsec.conf:
>
> conn iOS
> keyexchange=ikev1
> authby=xauthpsk
> xauth=server
> left=%defaultroute
> leftsubnet=192.168.1.0/24
> right=%any
> rightsourceip=192.168.3.0/24
> pfs=no
> auto=add
>
> ipsec.secrets:
> : PSK "my psk"
>
> I am following this advise:
> http://wiki.strongswan.org/projects/strongswan/wiki/IOS_%28Apple%29
>
> Can someone help with this?
>I have the same problem, and upgraded to strongswan 5.0.2 because of that, but
>it didn't help either. My thread is "wiki article iOS". Let's see if we can
>solve that.
charon log shows:
11[CFG] received stroke: initiate 'iOS'
11[CFG] ignoring initiation request for IKEv1 config
ipsec statusall
000 Status of IKEv1 pluto daemon (strongSwan 4.4.0):
000 interface lo/lo 127.0.0.1:4500
000 interface lo/lo 127.0.0.1:500
000 interface lo/lo 127.0.0.2:4500
000 interface lo/lo 127.0.0.2:500
000 interface eth0/eth0 192.168.1.18:4500
000 interface eth0/eth0 192.168.1.18:500
000 %myid = '%any'
000 loaded plugins: curl ldap aes des sha1 sha2 md5 random x509 pubkey pkcs1 pgp dnskey pem openssl gcrypt hmac gmp attr
000 debug options: none
000 Virtual IP pools (size/online/offline):
000 "iOS": 255/0/0
000
000 "iOS": 192.168.1.0/24===192.168.1.18[192.168.1.18]---192.168.1.1...%any[%any]===%iOS; unrouted; eroute owner: #0
000 "iOS": ike_life: 28800s; ipsec_life: 1200s; rekey_margin: 180s; rekey_fuzz: 100%; keyingtries: 1
000 "iOS": policy: ENCRYPT+TUNNEL+XAUTHPSK+XAUTHSERVER; prio: 24,32; interface: eth0;
000 "iOS": newest ISAKMP SA: #0; newest IPsec SA: #0;
000
Does this look right?
_______________________________________________
Users mailing list
Users at lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
More information about the Users
mailing list