[strongSwan] StrongSwan Mac OS X app questions

Ken Nelson ken at cazena.com
Fri Mar 13 21:27:22 CET 2015


I’ve successfully connected the StrongSwan Mac OS X app version 5.2.2 (1) to a StrongSwan v5.2.2 VPN gateway.  A few questions/issues:


1.  DNS is not working.  I have rightdns=10.8.65.164 defined in the configuration (right is the remote access client).  The StrongSwan Mac OS X log indicates it is installing the DNS server address:

handling UNITY_SPLIT_INCLUDE attribute failed
handling UNITY_LOCAL_LAN attribute failed
installing 10.8.65.164 as DNS server
handling UNITY_DEF_DOMAIN attribute failed
installing 10.8.65.164 as DNS server
installing new virtual IP 10.255.252.1

The VPN gateway has the Cisco Unity attributes defined as it also support the native Mac OS X client.  

Once the tunnel is up, I can ping the server (10.8.54.164) but can not resolve any hostnames it serves up.

Are there any issues with DNS & StrongSwan Mac OS X app?  


2.  EAP-GTC authentication.  I would like to use EAP-GTC authentication with the Mac app and would be willing to modify the app to add this feature.  Any comments on how to do this or the level of difficulty are appreciated. 


3.  Machine authentication.  Why doesn’t the Mac app require a client certificate for machine authentication, as is required for the native Mac client?


4.  Password configuration.  It would be nice to be able to configure the user’s password, instead of having to enter it on every tunnel invocation.


More information about the Users mailing list