Hi,
I have running server of StrongSwan on a cloud (on Linux CentOS),
configured for iPhone connections (
http://wiki.strongswan.org/projects/strongswan/wiki/IOS_(Apple) )
and an iPhone which successfully connects o the server.
Network topology is: [ iPhone (behind NAT) ] ---> [ SS on Cloud ]
Hi Andreas!
* Andreas Steffen [2009-07-13 14:40]:
> I think any further analysis of the strongSwan log does not give
> additional information. Upon the reception of the XAUTH request,
> the iPhone client should return its username/password. Is there any
> prompt on the client or are there any err
Wolfram Schlich wrote:
> Hi Andreas!
>
> * Andreas Steffen [2009-07-13 13:08]:
>> The iPhone client does not like the XAUTH request:
>>
>>> 12:11:05 pluto[23959]: | starting XAUTH server
>>> 12:11:05 pluto[23959]: "iphone"[3] CLIENT-IP:11044 #3:
>>sending XAUTH request
>>
Hi Andreas!
* Andreas Steffen [2009-07-13 13:08]:
> The iPhone client does not like the XAUTH request:
>
> > 12:11:05 pluto[23959]: | starting XAUTH server
> > 12:11:05 pluto[23959]: "iphone"[3] CLIENT-IP:11044 #3:
> sending XAUTH request
>
> because instead of the XAUTH
The iPhone client does not like the XAUTH request:
> 12:11:05 pluto[23959]: | starting XAUTH server
> 12:11:05 pluto[23959]: "iphone"[3] CLIENT-IP:11044 #3:
sending XAUTH request
because instead of the XAUTH reply it sends an INFORMATIONAL message:
12:11:06 pluto[23959]
* Andreas Steffen [2009-07-10 18:44]:
> Hi Wolfram,
Hey Andreas!
> have you enabled NAT-Traversal in ipsec.conf with the statement
>
> config setup
>nat_traversal=yes
>
> since the source port of the IKE message is 29643 and not 500?
Ah! I overlooked that :)
Ok, added nat_traversal=y
Hi Wolfram,
have you enabled NAT-Traversal in ipsec.conf with the statement
config setup
nat_traversal=yes
since the source port of the IKE message is 29643 and not 500?
Best regards
Andreas
Wolfram Schlich wrote:
> Hi!
>
> I'm trying to establish an IPsec connection between an iPhone
Hi!
I'm trying to establish an IPsec connection between an iPhone
and strongSwan-4.3.2.
iPhone IPsec VPN is working with racoon instead of strongSwan,
see http://holger.carne.de/2008/12/13/vpnipsec-mit-iphone-und-racoon/
for a working racoon config which I've tested successfully.
Here's the log