[Openswan Users] Apple macOSX 10.4.3: no change :(

Agent Smith news8080 at yahoo.com
Tue Nov 1 14:16:27 CET 2005 

It does work when you use racoon though thats the
point I am trying to make. 

and by 'using racoon' I mean exactly that, use racoon,
the config file is at /etc/racoon/racoon.conf


--- Jacco de Leeuw <jacco2 at dds.nl> wrote:

> 
> Paul Wouters wrote:
> 
> > I just installed the apple tiger update (10.4.3). 
> Although the error message for
> > trying to select an X.509 certificate instead of
> presharedkey has improved from
> > "error no valid certificate found" to "no valid
> certificate found, use keychain
> > access to import one", I am still unable to get
> X.509 certificates to work on
> > MacOSX.
> 
> Apple has also not changed a thing in racoon since
> Mac OS X 10.4.0:
>
http://darwinsource.opendarwin.org/10.4.3/network_cmds-245.1/racoon.tproj/
> 
> I.e. still the non-standard NAT-T, still based on an
> old racoon that has
> been discontinued. Sigh.
> 
> I don't think there is any source code for the GUI
> part of the Mac's VPN
> client, so we can't investigate what is going on.
> 
> > How are you "using racoon"?
> > I am simply trying to use Apple's GUI in Internet
> Connect's "L2TP/VPN"
> > section. What do you use? racoon from
> Terminal.app?
> 
> I have been told that an alternative method is
> available:
> 
>    "OS X creates config-files on the fly, but the
> main racoon.conf is not
>    touched, instead there's a line in racoon.conf
> that says:
>    include "/etc/racoon/remote/*.conf"
>    So I changed the racoon.conf just to my needs
> (Certificates and so on),
>    and removed this include-line. With that, you can
> set the connection up via
>    the GUI, and racoon will be called by the GUI
> with the correct parameters
>    and the policies will be set correctly. This
> might be a problem if you have
>    more than 1 network (different certificates) to
> connect to".
> 
> It's not particularly user friendly but it's better
> than nothing.
> See this page for an example
> /etc/racoon/racoon.conf:
>
http://www.wogri.com/linux/ipsec/multiple_pages/node29.html
> 
> Jacco
> -- 
> Jacco de Leeuw                        
> mailto:jacco2 at dds.nl
> Zaandam, The Netherlands          
> http://www.jacco2.dds.nl
>                      Mosquitos suck
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> 



		
__________________________________ 
Start your day with Yahoo! - Make it your home page! 
http://www.yahoo.com/r/hs

More information about the Users mailing list