Hi,
I’m new to strongSwan and IPsec as a whole, but this is what I successfully use
in iOS8 with IKEv2.
Relevant part of ipsec.conf:
conn me-iphone
right=%any
rightdns=1.2.3.4,5.6.7.8
rightid=me-iphone.XXXXX.vpn
rightsourceip=192.168.0.10
Make sure you set both CN and SAN fields in your client cert. Use the same name
as rightid in the connection part of ipsec.conf.
ipsec pki --pub --in private/iphone_key.pem --type rsa | ipsec pki --issue
--lifetime XXX \
--cacert cacerts/ca_cert.pem --cakey private/ca_key.pem --dn ”C=XX,
O=XXXXX, CN=me-iphone.XXXXX.vpn" \
--san me-iphone.XXXXX.vpn --outform pem > certs/me_iphone_cert.pem
Regards,
-ME
> 8 jan 2015 kl. 02:28 skrev Alexey Popov <[email protected]>:
>
> Hi,
> I'm trying to setup ikev2 with certificates authorization for ios 8.
>
> I did as described in wiki and got "no matching peer config found" error when
> I connect from iphone, still connection from ubuntu desktop works fine.
>
> Could you please tell me what is wrong?
> log, configs and .mobileconfig files are bellow
> http://pastebin.com/9eTQGgP8
> http://pastebin.com/JCe8EWQM
> http://pastebin.com/udL4B3A1
> http://pastebin.com/98WbTafe
>
> Many thanks.
> _______________________________________________
> Users mailing list
> [email protected]
> https://lists.strongswan.org/mailman/listinfo/users
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
