[Openswan Users] Apple iPhone to support L2TP/IPsec
Jacco de Leeuw
jacco2 at dds.nl
Wed Jun 27 08:10:05 EDT 2007
Christian Horn wrote:
> as far as i know the mac osx ipsec-client is kame-based
Yes, it's a fork.
> and the source is closed?
Only the GUI part. You can download the source code for Apple's racoon
version (which hasn't seen changes since Feb 2006) from:
http://www.opensource.apple.com/darwinsource/10.4.9.ppc/network_cmds-245.16/racoon.tproj/
> Patching OpenSwan or StrongSwan (preventing checks of the opposite ipsec-
> peer, workarounds for a not RFC-compliant ipsec-setup) was the only way to
> get a working ipsec-client at my workplace.
I don't know what you mean. Mac OS X and Openswan have been interoperating
for a while now. Are you using an old version?
> Smartcards needed for authentication can also be added to mac osx infra-
> structure,
Haven't looked at that yet. I will have to check if my smartcard is supported
on Mac OS X. I suppose it hooks into Keychain.App which (I hope) means that
the VPN client can use it.
> but changing the ipsec-code is not possible since the code is
> closed.
I don't think that would be the right place to add support for smartcards.
Let's see if it works with Keychain.App first.
> Has someone seen other ipsec-clients for the mac?
http://www.jacco2.dds.nl/networking/openswan-macosx.html#VPN_alternatives
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list