[Openswan Users] Connecting to Openswan with OS X Leopard (10.5.1)
Jacco de Leeuw
jacco2 at dds.nl
Mon Dec 10 17:03:55 EST 2007
Schley Andrew Kutz wrote:
> Leopard (10.5.1) requires MPPE-128 when negotiating L2TP/IPsec connections
There have been reports on this mailinglist (in particular by Paul/Ken,
Pepijn Oomen and Alan Whinery) but they did not mention this problem.
But I found a thread on the Apple mailinglist which confirms the problem:
Some questions and observations:
- A Linux pppd log has not yet been posted here but there is one on
the Apple mailinglist. The important bit is this:
pppd7541: rcvd CCP ConfReq id=0x1 <mppe +H -M +S +L -D -C>
pppd7541: sent CCP ConfRej id=0x1 <mppe +H -M +S +L -D -C>
pppd7541: rcvd LCP TermReq id=0x2 \"MPPE required but peer negotiation
Ok, this Linux pppd probably does not have require-mppe-128 (as double
encryption does not make sense for L2TP/IPsec). Andrew writes that things
still don't work if he adds require-mppe-128 on the Linux server:
the Mac client balks that MPPE is not loaded. But what do the logs look
- You can force loading of the MPPE module by connecting with PPTP first.
Not everyone will be running a PPTP server in parallel with an
L2TP/IPsec server. Is there a way to load the MPPE module manually
on the Mac?
- How exactly does one edit the preferences plist file so that L2TP/IPsec
will not ask for MPPE?
- Does 10.5 work? I.e. was the problem introduced in 10.5.1?
- The Apple Mac OS 10.5 Server log posted on the Apple list seems to
suggest that it does not work with Leopard Server either, but for
another reason: it rejects CCP, which is required for MPPE.
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users