[Openswan Users] MacOS VPN with certificate

Alexandre Ghisoli alexandre.ghisoli at ycom.ch
Mon Aug 6 15:00:30 EDT 2007


Ok, I'm in front of a MacBook, but without VPN access, so I start a new 
thread ..

Here is the related configuration file make by the VPN Server and used 
by racoon.

remote xxx {
   doi ipsec_doi;
   situation identity_only;
   exchange_mode main;
   my_identifier asn1dn;
   peers_identifier fqdn "cust1.vpn.ycom.ch";
   verify_identifier off;
   certificate_type x509 in_keychain "xxx";
   verify_cert on;
   certificate_verification sec_framework use_peers_identifier;
   nonce_size 16;
   initial_contact on;
   support_mip6 on;
   proposal_check obey;

   proposal {
      authentication_method rsasig;
      hash_algorithm sha1;
      encryption_algorithm 3des;
      lifetime time 3600 sec;
      dh_group 2;
   }
}

Regards

--Alexandre

P.S. BTW, I'm on IRC right now.


More information about the Users mailing list