[Openswan Users] Trying to get openswan working with android

Patrick Lists openswan-list at puzzled.xs4all.nl
Fri May 18 08:18:20 EDT 2012


On 18-05-12 13:44, Robert Laverick wrote:
[snip]
> Actually the problem from the originally linked bug report appears to have only 
> been introduced with Android 4.0.x and above when they moved to ipsec-tools 
> 0.8.0 so a test from 2.3.6 doesn't actually test if this is resolved
> 
> http://code.google.com/p/android/issues/detail?id=23124
> 
> I've attempted to connect to the test VPN you mentioned from my Android 4.0.4 
> device and I get timeout failures which mirror the ones I get using 
> openswan-2.6.37-1.fc16.x86_64 on my own server.
> 
> I'm more than happy to help test this, but I'm a beginner at this VPN stuff, all 
> I know is that I've got it configured to that my Windows 7 laptop can connect to 
> the VPN just fine.

Maybe you could try Paul's test server? I could not connect but maybe
that was my end: "Can someone try it using android with l2tp.nohats.ca,
user test, password test, psk test? That has fixes in it from git (so
post openswan 2.6.37) that did address OSX issues we saw with NAT-T. It
might also fix the android issue."

[snip]
> May 17 00:13:28 gozer pluto[5124]: "home-ipsec"[8] 149.254.180.87 #6: byte 7 of 
> ISAKMP NAT-OA Payload must be zero, but is not
> May 17 00:13:28 gozer pluto[5124]: "home-ipsec"[8] 149.254.180.87 #6: malformed 
> payload in packet

I saw similar messages when my Nexus S was running ICS 4.0.x. This
weekend I'll try to see if I can setup 2.6.38 on CentOS 6.2 and test again.

Regards,
Patrick


More information about the Users mailing list