[strongSwan] StrongSwan Mac OS X app & DNS

Ken Nelson ken at cazena.com
Thu Apr 2 00:09:25 CEST 2015

On Mar 24, 2015, at 7:49 AM, Martin Willi <martin at strongswan.org<mailto:martin at strongswan.org>> wrote:

I would like to use EAP-GTC authentication with the Mac app and would
be willing to modify the app to add this feature.

The new build additionally comes with the eap-gtc plugin.



Has anyone gotten the StrongSwan Mac app to work using EAP-GTC authentication?

Here my configuration:
   VPN gateway - StrongSwan v5.3.0 running on Centos 6.6
   Remote access client - StrongSwan Mac app v5.3.0 (1) on OS X 10.10.2

When the Mac app initiates a connection, everything works fine until the server requests EAP_GTC.  From the Mac app log:

parsed IKE_AUTH response 2 [ EAP/REQ/GTC ]
server requested EAP_GTC authentication (id 0xDF)
EAP method not supported, sending EAP_NAK

The Mac app returns EAP_NAK and everything shuts down.

The org.strongswan.charon-xpc file contains strings from the EAP-GTC plugin so should be running the correct code:

$ strings /Applications/strongSwan.app/Contents/Library/LaunchServices/org.strongswan.charon-xpc | grep -i gtc
received invalid EAP-GTC message
creating EAP-GTC XAuth backend '%s' failed

Everytime I run it, the load_method call on line 413 of libcharon/sa/ikev2/authenticators/eap_authenticator.c fails.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150401/bf53a7a0/attachment.html>

More information about the Users mailing list