[Openswan Users] Configuring L2TP/IPsec for iPhone and Android

Robert Laverick robert+vpn at scabserver.com
Fri Jul 27 16:37:44 EDT 2012


Android ICS seems to have issues with openswan (it's a bug in Androids VPN
implementation that's sending data in part of a packet that the spec flags
as required to be zero so openswan errors and drops the connection) there's
a patch floating around to bypass the issue by receiving the value and
ignoring it rather than erroring which has allowed me to connect my Nexus S
to ipsec/pt2p tunnel

http://code.google.com/p/android/issues/attachmentText?id=23124&aid=231240180000&name=openswan-android-ics-natoa.patch&token=QPyFqnyZRw724hgXTWTGTryLf6g%3A1338920967804




On 27 July 2012 21:10, Muhammad El-Sergani <msergani at gmail.com> wrote:

> When I try the same configuration over with my Galaxy Tab 7.7" @ 4.0.4, it
> times out.
> I'm actually looking more at some source to understand more the structure
> and keywords within /etc/ipsec.conf .. this would help a lot!
>
> Anyone to the rescue?
>
> Thanks
> //M
>
>
>
> On Fri, Jul 27, 2012 at 2:42 AM, Scott Webster Wood <treii28 at gmail.com>wrote:
>
>>  I would be interested in similar information (for android) - I
>> attempted it once by didn't have success with connecting using the built in
>> android support for either ipsec or pptp. I tried both over the cell
>> network (some services block the additional protocols) and from multiple
>> wifi hotspots - no luck!
>>
>> SW
>>
>>
>> On 7/26/2012 3:04 PM, Muhammad El-Sergani wrote:
>>
>> Hi all,
>>
>> This is my first post on the list, so I hope I'm meeting the rules in
>> general.
>>
>> Ok, so basically I need to set up a VPN tunnel for our road warriors to
>> be able to reach outside services. In other words, I'm not trying to setup
>> a VPN for these clients to access the internal network, but rather provide
>> route to external services which essentially is not available through their
>> normal WAN connection.
>>
>> Could you provide some info as to where stuff could be found that would
>> help with this?
>>
>> I have done it already but I'm sure I understand nothing at all from what
>> I've done, and I want to route specific IP addresses to these clients, not
>> everything .. is that possible?
>>
>>  Thanks
>> //M
>>
>>
>>
>> _______________________________________________Users at lists.openswan.orghttps://lists.openswan.org/mailman/listinfo/users
>> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
>> Building and Integrating Virtual Private Networks with Openswan:http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>>
>>
>>
>> _______________________________________________
>> Users at lists.openswan.org
>> https://lists.openswan.org/mailman/listinfo/users
>> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
>> Building and Integrating Virtual Private Networks with Openswan:
>> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>>
>>
>
> _______________________________________________
> Users at lists.openswan.org
> https://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20120727/57cac729/attachment.html>


More information about the Users mailing list