[Openswan Users] OpenSWAN and iPhone IPSec only VPN
Willie Gillespie
wgillespie+openswan at es2eng.com
Wed Jun 27 23:37:04 EDT 2012
On 6/26/2012 11:31 AM, Eric Shubert wrote:
> So the BL to me here is that at least 2 of the 3 stock VPN
> implementations in the iPhone (PPTP, IPSec) are inherently insecure. I
> don't know for sure whether the 3rd (L2TP/IPSec) is really secure or
> not, but I have my doubts.
I haven't tried the Cisco IPsec option on an iDevice, but the L2TP/IPsec
from an iPhone shows the following in my Openswan logs (using a PSK).
For Main Mode:
STATE_MAIN_R3: sent MR3, ISAKMP SA established
{auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp1024}
For Quick Mode:
STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x03f21869
<0x62f408ce xfrm=AES_256-HMAC_SHA1 NATOA=none NATD=111.126.18.192:4500
DPD=enabled}
More information about the Users
mailing list