On 10.03.2017 04:18, Alexander wrote: > Hi Andreas, > > I'm set up a VPS on amazon EC2 ubuntu16.04, now I can use Win7 and WIn10 and > IOS 10.2.1( IPSec Cisco type) to connect this VPS sucessfully, but vpnc or > Cisco AnyConnect, failed > > > VPS Ubuntu16.04.02 client Ubuntu16.04.02 > > ================================================================================================== > VPS configure > config setup > strictcrlpolicy=no > uniqueids=never > conn %default > dpdaction=clear > dpddelay=35s > dpdtimeout=300s > > conn IKEv1-PSK_XAUTH > keyexchange=ikev1 > fragmentation=yes > #left -- local(server) side > left=%any > leftauth=psk > leftsubnet=0.0.0.0/0 > #right -- remote(client) side > right=%any > rightauth=psk > rightauth2=xauth > rightsourceip=10.31.2.0/24 > auto=add
Set xauth = server > > ============================================================================================================================== > strongswan NetworkManager Applet 1.4.1 will cause NetworkManager coruption, > and I noticed that compile networkmanager applet must configure use a > --prefix=/usr option, for working with networkmanager. and this applet can > only support cert and eap type, didn't support anyother type. Probably because your version of NM is too old. Obviously, the settings you pass to ./configure must correspond to your filesystem hierarchie. I strongly recommend packaging the software with your distro's package format to make sure you can cleanly uninstall and upgrade. > ============================================================================================================================== > Cisco AnyConnect Client failed, and even this program cann't display many > configure options, it's just show server option, user > account or password option can't saw IIRC Cisco AnyConnect can't be used with strongSwan, because it sends some proprietary extensions and data to strongSwan that it doesn't (and maybe can't) support. I think it at least wants to get some data back that it previously sends in an IKE message or something like that. It's somewhere on the ML, I think.-- Mit freundlichen Grüßen/Kind Regards, Noel Kuntze GPG Key ID: 0x63EC6658 Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
