Hi, I have started to testing a beta version of iOS 8 with strongswan and see a problem with tunnel setup.
With strongswan 5.1.2 and iOS 8, I see a message saying "invalid HASH_V1 payload length, decryption failed" during connection setup time, which leads to a [ HASH N(PLD_MAL) ] message being sent to the iPad. This is using IKE v1 (iOS 8 supports IKEv2). I have tried iOS 8 with a 4.x strongswan and the connection was successfully setup (after a hack around the xauth problem with iOS). I have also tried iOS 7 with 5.1.2 and this works. So it seems both 5.1.2 and iOS 8 work in my setup, but not with each other. Is it possible that the error is something else and not really due to the invalid payload length? Or is it that strongswan 5.1.2 is stricter about this than strongswan 4.x ? Note:Due to the XAuth problem with iOS, I am using the "rightauth2=xauth-noauth" trick in the connection definition and use the appropriate plugin. regards, -smk
_______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
