[Openswan Users] Apple macOSX 10.4.3: no change :(
Agent Smith
news8080 at yahoo.com
Tue Nov 1 14:16:27 CET 2005
It does work when you use racoon though thats the
point I am trying to make.
and by 'using racoon' I mean exactly that, use racoon,
the config file is at /etc/racoon/racoon.conf
--- Jacco de Leeuw <jacco2 at dds.nl> wrote:
>
> Paul Wouters wrote:
>
> > I just installed the apple tiger update (10.4.3).
> Although the error message for
> > trying to select an X.509 certificate instead of
> presharedkey has improved from
> > "error no valid certificate found" to "no valid
> certificate found, use keychain
> > access to import one", I am still unable to get
> X.509 certificates to work on
> > MacOSX.
>
> Apple has also not changed a thing in racoon since
> Mac OS X 10.4.0:
>
http://darwinsource.opendarwin.org/10.4.3/network_cmds-245.1/racoon.tproj/
>
> I.e. still the non-standard NAT-T, still based on an
> old racoon that has
> been discontinued. Sigh.
>
> I don't think there is any source code for the GUI
> part of the Mac's VPN
> client, so we can't investigate what is going on.
>
> > How are you "using racoon"?
> > I am simply trying to use Apple's GUI in Internet
> Connect's "L2TP/VPN"
> > section. What do you use? racoon from
> Terminal.app?
>
> I have been told that an alternative method is
> available:
>
> "OS X creates config-files on the fly, but the
> main racoon.conf is not
> touched, instead there's a line in racoon.conf
> that says:
> include "/etc/racoon/remote/*.conf"
> So I changed the racoon.conf just to my needs
> (Certificates and so on),
> and removed this include-line. With that, you can
> set the connection up via
> the GUI, and racoon will be called by the GUI
> with the correct parameters
> and the policies will be set correctly. This
> might be a problem if you have
> more than 1 network (different certificates) to
> connect to".
>
> It's not particularly user friendly but it's better
> than nothing.
> See this page for an example
> /etc/racoon/racoon.conf:
>
http://www.wogri.com/linux/ipsec/multiple_pages/node29.html
>
> Jacco
> --
> Jacco de Leeuw
> mailto:jacco2 at dds.nl
> Zaandam, The Netherlands
> http://www.jacco2.dds.nl
> Mosquitos suck
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
>
__________________________________
Start your day with Yahoo! - Make it your home page!
http://www.yahoo.com/r/hs
More information about the Users
mailing list