[Openswan Users] Re: MacOSX 10.4.2: same problems woth NAT-T
Alan Whinery
whinery at hawaii.edu
Wed Jul 13 09:32:26 CEST 2005
Just in case any of this is useful:
I've been playing with this off and on over the last month. One slight,
discouraging revelation was that if you enable the root account and log
into the gui as root (if I remember correctly), then you can import the
X.509 certificate with the Apple keyring app, then the CA cert (I am
using a local CA), which gets you past the initial "no machine
certificate" stuff.
The milestone (stumbling block?) I'm currently sitting on on the Mac
10.4.2 side is:
Jun 14 09:21:56 bender pluto[1744]: "roadwarrior-l2tp"[380] 128.171.6.56
#1287: ignoring informational payload, type INVALID_CERTIFICATE
Wherein the mac appears to be complaining about the server's
certificate. None of the many Windows clients complain about that
certificate -- Macs are too whiny.
I'm doing a talk on this next week in Vancouver, I'm kind of giving up
on getting rid of the word "probably" from the Mac slide...
Alan
More information about the Users
mailing list