[Openswan Users] android l2tp crt connection

Bob Miller bob at computerisms.ca
Sat Jul 16 02:05:37 EDT 2011


Hello,
I have an existing vpn server working with xp and ubuntu clients.  Enter
android tablet for a fun-filled thrilling Friday evening ;)
The connection gets as far as establishing the ISAKMP SA, then the log
reports it is retransmitting in response to duplicate packet.  By
tcpdump, a few seconds later a packet comes from the tablet, the server
responds with a packet and another entry about retransmitting shows up
in the log.  5 or 10 seconds later the tablet sends another packet, the
server responds and logs as before, and it is done.
I have tried adjusting protoports from 1701/0/%any, and removed and
added a few lines from the existing config, most of which broke the
existing system.  I have tried to find some kind of logging on the
tablet, but can find no such thing. 
I have the connection coming up if I use PSK instead of certs.  I tried
using the authby=secret|rsasig, but after that failed I found a recent
post that explains that is to be expected
This smells like some attribute the certificate needs to have to for
android to play with it.  
Google indicates some have it working, would anyone be willing to share
their experience?

-- 
Bob Miller
334-7117/660-5315
http://computerisms.ca
bob at computerisms.ca
Network, Internet, Server,
and Open Source Solutions



More information about the Users mailing list