Hmm, I tried your configuration and I get the same behaviour with strongswan. I
don't have an iPhone to test. I tried playing around with the settings
switching from x509 to PSK, changing strongswan knobs, always with the same
result.
I can connect to other strongswan responders using this same
Ajust as your necessity *
( Don't forget to adjust your pf rules accordingly ) *
OpenBSD 6.X ( Works with IPHONE AND STRONGSWAN )
ikev2 "roadwarrior" passive esp from 0.0.0.0/0 to 10.20.30.0/24 \
local egress peer any \
ikesa enc aes-256 auth hmac-sha2-256 group modp2048 \
childsa enc
Hi,
I am trying to connect to iked running on OpenBSD 6.6 from a strongSwan
5.7.2 initiator running on Ubuntu 19.10 (which is behind NAT). I am
using x509 certificates generated by ikectl.
The tunnel cannot be established. It is hard for me to see what's going
on. strongswan seems to be
3 matches
Mail list logo
