[Swan] mac os x and ikev2

[Paul Wouters]

I use .mobileprofile config which work fine on all OSX and iPhones 

Sent from my iPhone

> On Oct 19, 2017, at 18:43, Computerisms Corporation <bob at computerisms.ca> wrote:
> 
> got it.
> 
> Tried lots and lots of things, so not sure exactly what combination, but the last two steps were to reimport the certificates under the system chain instead of the login chain on the mac, and then put rightid=%myid to the conn...
> 
>> On 2017-10-19 03:06 PM, Computerisms Corporation wrote:
>> Wondering if anyone has ikev2 working with mac os 10.11?  I do have an ikev2 conn working for windows, looking for the magic incantation to get them both working together...
>> I found one post by  jpastuszek from a year and a half ago, apparently with version 3.13.  I have tried everything suggested there and just about every combination of settings that make sense to me, and the best I get is a single message:
>> STATE_PARENT_R1: received v2I1, sent v2R1 {auth=IKEv2 cipher=aes_256 integ=sha256_128 prf=sha2_256 group=MODP2048}
>> I have had some errors about invalid syntax:
>> returned STF_FAIL with v2N_INVALID_SYNTAX
>> But when I seem to have those fixed, I end up back at the original error.
>> I am sifting through the debug logs now, but so far not finding any problems.  Thinking that while I am looking maybe someone has already figured out the secret, so wouldn't hurt to ask...
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan