[Swan] Connecting to OS X Server

Paul Wouters paul at nohats.ca
Sun Jan 11 18:38:06 EET 2015


On Sun, 11 Jan 2015, Ali Gangji wrote:

> I have not been able to get a successful connection to OS X Server.
> 
> The issue looks like what is described here:
> https://lists.openswan.org/pipermail/users/2013-November/022794.html
> 
> The best I can get is one of the following error messages:
> 
> length of ISAKMP Notification Payload is smaller than minimum

> Linux Libreswan 3.12 (netkey) on 3.17.6-1-ARCH

> Any help would be greatly appreciated. Thanks!

Can you try adding nat-ikev1-method=drafts or nat-ikev1-method=rfc ?

This disables some of the NAT-T detection payloads to work around buggy
implementations. I thought this was limited to Cisco, but perhaps OSX
Server also a bug?

Paul
>


More information about the Swan mailing list