[strongSwan] MacOS: IKEv1 fails after wakeup
Tobias Brunner
tobias at strongswan.org
Tue Mar 15 12:13:19 CET 2016
Hi Harald,
> I have no idea why the Mac opens a new session now, instead of relying
> upon the old IKE_SA, but it seems to me that the Mac missed to send
> xauth info. Is this correct?
Yes, looks that way. Which is strange because while in the previous
reconnection attempt the client did not request a virtual IP it did at
least respond to the XAuth request. Here it apparently does neither
before sending a Quick Mode request. Maybe it's a reauthentication.
This was a problem with (older) iOS versions, which lead to the
development of the xauth-noauth plugin [1]. Try checking the client log.
Regards,
Tobias
[1]
https://wiki.strongswan.org/projects/strongswan/wiki/IOS_%28Apple%29#ISAKMP-reauthentication-issues
More information about the Users
mailing list