[Openswan Users] iphone to Openswan problems

Wolfgang Kueter wolfgang at shconnect.de
Tue Jul 28 15:36:11 EDT 2009


Hello,

We have an older VPN Gateway running Kernel 2.4.32 and openswan-2.4.4.
The ipsec.conf looks like this. Until now there was one tunnel for
mobile users with PSK and XAUTH. Normally the VPN Client from NCP is
used on the Windows clients and this has been working just fine for
years; NAT-Traversal also works just fine.

Now the manager got an iPhone and wants to build a VPN tunnel to the
gateway to access the internal mail server to read and send email. The VPN
client on the iPhone is Cisco or a Cisco derivative.

The connection from the iPhone cannot be established, though it looks quite
promising; please see the attached logfile:
 
ipsec.conf looks like this:

---8<---
#


version 2

config setup
        interfaces="ipsec0=eth0 ipsec1=eth1"
        klipsdebug=none
        plutodebug=none
        #plutodebug=all
        #       plutoload=%search
        #       plutostart=%search
        uniqueids=yes
        nat_traversal=yes
        virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16

conn %default
        keyingtries=0
        authby=secret
        right=%any
        rightsubnet=vhost:%no,%priv
        left=212.60.22.54
        leftsubnet=192.168.0.0/24
        leftnexthop=212.60.22.53
        type=tunnel

conn roadwarrior-xauth
        authby=secret
        esp=3des-md5-96
        leftxauthserver=yes
        rightxauthclient=yes
        compress=no
        disablearrivalcheck=no
        type=tunnel
        pfs=no
        auto=add
---8<---

Has anybody successfully built a tunnel from an iPhone?

TIA
Wolfgang
-------------- next part --------------
A non-text attachment was scrubbed...
Name: plutolog.log
Type: text/x-log
Size: 9872 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20090728/e4bf8b1a/attachment-0001.bin 

