[strongSwan] Delay in authentication from iOS devices
Martin Willi
martin at strongswan.org
Thu Apr 17 15:17:11 CEST 2014
Hi Harry,
> Apr 17 12:38:22 server-ip charon: 12[ENC] generating ID_PROT response 0 [ ID CERT SIG ]
> Apr 17 12:38:22 server-ip charon: 12[NET] sending packet: from server.ip[4500] to remote.ip[16523] (1484 bytes)
> Apr 17 12:38:22 server-ip charon: 12[ENC] generating TRANSACTION request 2130590094 [ HASH CP ]
> Apr 17 12:38:22 server-ip charon: 12[NET] sending packet: from server.ip[4500] to remote.ip[16523] (76 bytes)
>
> [THIS IS WHERE THE DELAY HAPPENS]
Likely that the smaller TRANSACTION request arrives before the ID_PROT
response of Main Mode, but your (raccoon) iOS client can't handle it and
waits for the retransmit.
Have a look at the discussion and the work-around suggested at [1], this
might work here as well.
Regards
Martin
[1]https://lists.strongswan.org/pipermail/users/2014-April/005961.html
More information about the Users
mailing list