Hi Harald, > I have no idea why the Mac opens a new session now, instead of relying > upon the old IKE_SA, but it seems to me that the Mac missed to send > xauth info. Is this correct?
Yes, looks that way. Which is strange because while in the previous reconnection attempt the client did not request a virtual IP it did at least respond to the XAuth request. Here it apparently does neither before sending a Quick Mode request. Maybe it's a reauthentication. This was a problem with (older) iOS versions, which lead to the development of the xauth-noauth plugin [1]. Try checking the client log. Regards, Tobias [1] https://wiki.strongswan.org/projects/strongswan/wiki/IOS_%28Apple%29#ISAKMP-reauthentication-issues _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
