[strongSwan] Mac OS 10.10 Client to Linux Strongswan server HASH N(AUTH_FAILED) error
Tobias Brunner
tobias at strongswan.org
Tue Apr 26 15:16:55 CEST 2016
Hi Jude,
> Apr 25 11:20:44 RH7Standard charon: 09[IKE] found 1 matching config, but
> none allows XAuthInitRSA authentication using Main Mode
Seems your left|rightauth settings are still wrong. As I wrote before
you need
leftauth=pubkey
rightauth=pubkey
rightauth2=xauth
> I have tried a few variations with out success, like
> authby=xauthrsasig
> authby=xauthpsk
authby has no effect if you configure left|rightauth.
> I presume this is the configuration example I should be looking at to get
> this to behave:
> https://www.strongswan.org/testing/testresults/ikev1/xauth-id-rsa-hybrid/
No, as the name indicates and the description explains this uses XAuth
in Hybrid Mode (where the client is only authenticated with XAuth not
PSK or RSA). While the Apple clients support this mode it's not their
default setting.
Regards,
Tobias
More information about the Users
mailing list