Hi Tom, leftsendcert is set. Here are the details of the config :
conn %default keyexchange=ikev2 ikelifetime=60m ike=aes256-sha256-modp2048,aes256-sha1-modp1024,aes128-sha1-modp1024,3des-sha1-modp1024! esp=aes256-sha1,aes256-sha1,3des-sha1! dpdaction=restart dpddelay=60s dpdtimeout=300s keyingtries=5 inactivity=4h lifetime=4h left=strongswan.restena.lu [email protected] leftauth=pubkey leftsendcert=always leftcert=strongswan.restena.lu-cert.pem leftsubnet=0.0.0.0/0,::/0 right=%any rightauth=pubkey rightsendcert=always rekey=yes reauth=yes mobike=no Apart from the default, every user is idenfied by it's certificate CN and is assigned to an IP pool conn IKEv2-tech-ctompers rightid="..." rightsourceip=%pool-v4,%pool-v6 auto=add We already had this issue in former versions when the native client was doing only IKEv1. kind regards, Claude On 24/03/2020 12:38, Tom Rymes wrote: > Claude, > > Have you followed the suggestions > here?: > https://wiki.strongswan.org/projects/strongswan/wiki/AppleClients#IKEv2-on-iOS-9-amp-macOS-1011-and-newer > > leftsendcert=always solves a similar issue for us, I believe. > > Perhaps you could post some details of your installation? > > Tom > > On Mar 24, 2020, at 6:56 AM, Claude Tompers <[email protected] > <mailto:[email protected]>> wrote: > >> Hi all, >> >> Our whole team has issues with the native OSX VPN client not being very >> stable with our strongswan VPN server. >> Connections drop sometimes randomly but certainly after roughly 55 >> minutes. >> I'm wondering if anyone has the same issue and managed to solve it, or >> if there's another Mac VPN client that is stable ? >> >> kind regards, >> Claude >> >>
signature.asc
Description: OpenPGP digital signature
