[strongSwan] iOS 9 client is lost after server `generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]` then sending packet

Dr Cameron dc at sgms.ca
Sun Dec 27 19:54:19 CET 2015

Good morning,

I have tested iOS 9 with both certificate and user/password. Both work.

Have you done the following?

When you set up the VPN for user/password (EAP-MSCHAPV2) on iOS 9, 
specify the VPN as follows:

Description:    Anything you like
Server:         Host name or IP address of server
Remote id:      Same as server certificate CN and san
Local id:       Same as user id
Authentication: User authentication
Username:       User id, as in /etc/ipsec.secrets
Password:       Password, as in /etc/ipsec.secrets

The CA certificate that signed the server certificate MUST 
be installed as a "Profile" on your iOS 9 device. 
Presumably you can skip this step if you have a real server certificate 
issued by a real Certificate Authority (CA), but I have not tested this.

Hope this helps.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20151227/c334bfa1/attachment.pgp>

More information about the Users mailing list