On Wed, Jan 02, 2013 at 12:47:24PM -0500, Jason wrote: > On Wed, Jan 02, 2013 at 08:27:40AM -0800, Bharath Kumar wrote: > > Our CA cert is pem format. > > Gah! I got it. For some reason I had it stuck in my head that iOS only > accepted .p12 cert files. It imported my CA .pem just fine, which then > listed my client cert as trusted. > > I actually got a [vpn] icon for a bit. Unfortunately, it won't connect > again. It's probably something I changed while debugging. I'll figure > it out later.
Just to close this up for the archives, I have it working. By working, I mean I can ping the virtual IP on the phone from the server, and I can ssh to the server's internal IP address from the phone. To do this, I had to enable backports on Debian squeeze (armel). This bumped strongswan up to version 4.5.1. Next up is getting my routing rules layed out, then creating profiles for iOS devices. I'd like the VPN to be always on, which there doesn't seem to be a way to set that without profiles... thx, Jason. _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
