Hi Tobias, I'm currently using Strongswan 4.5.2 from squeeze-backports (since the version in stable doesn't support NAT-T, which is required for my case) and I cannot use iOS to connect to my server using IKEv1, prompting "could not validate server certificate" (I have installed both client p12 and CA certificate on the iOS device). Strongswan mailist suggested this is related to enable-cisco-quirks option, that's why I submit this bug.
Thanks for your concern! Tony > Date: Mon, 27 Feb 2012 23:04:50 +0100 > From: tob...@strongswan.org > To: 661...@bugs.debian.org > CC: tonyzh...@hotmail.com > Subject: Re: strongswan: Compatibility for Apple iOS devices > > Hi Tony, > > I'm not sure if --enable-cisco-quirks is actually required to support > iOS devices. I know our wiki says otherwise, but the page you refer to > was written mainly by a user who apparently assumed the client on iOS > devices is written by Cisco, which is a common misconception. The fact > is, thought, that the client on the iOS devices is actually racoon (the > Cisco logo and name is just for marketing reasons). > > Could you please try without the option (i.e. with the stock Debian > package). If it works I will change the wiki page accordingly. > > Thanks, > Tobias