[Openswan Users] iPad IPSEC/L2TP->OpenSwan problem
paul at xelerance.com
Wed Oct 27 17:10:45 EDT 2010
On Wed, 27 Oct 2010, John E.P. Hynes wrote:
> I have a configuration that works for windows clients but not for
> iPads. I have included some of the changes suggested by (Nate Carlson?
> Can't remember) to the config files to allow Apple clients to connect.
> Oct 27 16:15:12 firewall pluto: "dynip-hosts" x.x.x.x #7: byte
> 2 of ISAKMP Identification Payload must be zero, but is not
> Oct 27 16:15:12 firewall pluto: "dynip-hosts" x.x.x.x #7:
> probable authentication failure (mismatch of preshared secrets?):
> malformed payload in packet
> The "mismatch of preshared secrets?" seems obvious - but I've checked to
> make sure they agree many times.
Did you make sure about this? Perhaps a weird character not supported on
> My "dynip-hosts" config looks like this:
> conn dynip-hosts
forceencaps should not be needed.
leftsubnet= is wrong and should be left out
(if you put it there because your openswan server is behind a port foward,
remove it and put left=yourrealip there.
More information about the Users