[Swan] [IPsec] IKEv2 in iOS 9 and OS X El Capitan (fwd)

Jonas Trollvik jontro at gmail.com
Sun Sep 27 21:34:17 EEST 2015


has anyone managed to get ikev2 with username/password authentication on el
capitan working with libreswan?

Is there a good example config to get started with?

Kind regards

2015-07-09 23:21 GMT+02:00 Paul Wouters <paul at nohats.ca>:

> I thought this might be of interest to people here,
> Paul
> ---------- Forwarded message ----------
> Date: Thu, 9 Jul 2015 17:09:51
> From: Tommy Pauly <tpauly at apple.com>
> Cc: Vividh Siddha <vsiddha at apple.com>, Christophe Allie <callie at apple.com
> >,
>     Delziel Fernandes <delziel at apple.com>
> To: IPsecME WG <ipsec at ietf.org>
> Subject: [IPsec] IKEv2 in iOS 9 and OS X El Capitan
> Hello,
> I wanted to give an update to the list about some recent improvements to
> IPSec support in Apple’s operating
> systems. Apple has released the public betas for iOS 9 and OS X El Capitan
> today, available at beta.apple.com.
> As part of these releases, we have extended support for IKEv2, and have
> made IKEv2 the default VPN type. Here is
> a brief summary of what has changed for these releases:
> - IKEv2 is now manually configurable for both iOS and OS X, and is now the
> default VPN type when adding new VPN
> configurations. We support manual configuration of EAP-MSCHAPv2, EAP-TLS,
> no-EAP certificate auth, and no-EAP
> shared secret auth. We also support configuring IKEv2 using a
> configuration profile, which provides many more
> options for different authentication types, crypto algorithms, and
> enabling/disabling features.
> - We now enable MOBIKE (RFC 4555) by default
> - We now support IKEv2 Message Fragmentation (RFC 7383)
> - We now support server redirect (RFC 5685)
> - We support suite-B crypto algorithms
> I encourage anyone who is interested to download the betas and try out
> IKEv2! If you have feedback or questions,
> please send them my way. I’ll also be attending the meeting in Prague.
> Best,
> Tommy Pauly
> Core OS Networking, Apple
> _______________________________________________
> IPsec mailing list
> IPsec at ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20150927/a20ae058/attachment.html>

More information about the Swan mailing list