On 30 Oct 2016, at 01:09, Derek Cameron <dcamero2...@gmail.com> wrote:
> Here is a configuration that works for iOS 10: > http://xpu.ca/strongswan-ubuntu/ <http://xpu.ca/strongswan-ubuntu/> I’ve been following this myself and it works on my Android phone, but not on my new OSX 10.12.1. I get looking for peer configs matching <ExternalIP>[<CertDN>]…<RemoteIP>[turbo] no matching peer config found On Android, I don’t have to enter the remote ID and it works with or without that (ends up as “looking for … <ExternalIP>[%any]”). But on OSX I _must_ enter that. Comparing the two connection attempts, that ‘looking for peer configs’ is _identical_, but the OSX client doesn’t work. If I don’t enter the ‘Local ID’ (it’s optional), then the ‘[turbo]’ parts ends up as it’s local NAT address. My config: — snip — config setup conn %default keyexchange=ikev2 left=<ExternalIP> leftid=“<CertDN>" leftcert=server.pem leftsubnet=0.0.0.0/0 right=%any rightsourceip=192.168.6.0/24 rightdns=192.168.6.1 dpdaction=clear — snip — I had to put the DN in there because I got: loaded certificate “<CertDN>" from ’server.pem' id ’server.domain.tld' not confirmed by certificate, defaulting to ‘<CertDN>’
_______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users