Hi David,
Your logs look perfect to my eye.
Let's take this off-list for more debugging...
Lonnie
On Apr 27, 2012, at 3:20 PM, David Kerr wrote:
> Lonnie, is there a way I can debug this? it is not just ping/traceroute, I
> am not able to get to a web site behind the VPN when I setup push n
Lonnie, is there a way I can debug this? it is not just ping/traceroute, I
am not able to get to a web site behind the VPN when I setup push
networks... Safari just times out, no response from server. Is there any
way I can monitor VPM requests over the network?
Syslog attached also, nothing is
Hi David,
After further investigation, the VPN gateway IP (192.168.2.1 in your case,
10.9.1.1 for me) does not respond to ICMP (or any other) requests, therefore
the first hop of a traceroute times out. A *real* traceroute will then
continue to the second hop and see the local LAN IP address.
Hi David,
We have tested (extensively) what you want to do, and it works for us.
Are you using iOS 5.1 ? Double check for typos, you want:
--
Push Network(s): 192.168.1.0/24
--
Are you using the "Ping Lite" app to test with ? The ping there seems to work,
but traceroute does not for me.
So, y
Lonnie,
I need some configuration help. I have my iPhone connecting to the VPN
and it is working. However as noted in the documentation the iPhone is
routing ALL traffic through the VPN, not just traffic to my internal
network. I tried the Push Network(s) setting but it fails.
My internal net
Hi Ingmar and David,
Yes, removing the "extendedKeyUsage=serverAuth" definition from the IPsec
server certificate works for all IPsec clients I have. It seems OS X is the
only one picky enough for it to make a difference.
I will make that change.
Lonnie
On Apr 25, 2012, at 12:20 PM, Lonnie
Great Lonnie!
You are the man :-)
I am on Lion. So I can test it.
Thanks,
Ingmar
Am 25.04.2012 um 19:20 schrieb Lonnie Abelbeck:
> Hi Ingmar,
>
> I found the OS X problem, creating the server certificate with
> "extendedKeyUsage=serverAuth" defined makes OS X ignore the certificate, I
> jus
Hi Ingmar,
I found the OS X problem, creating the server certificate with
"extendedKeyUsage=serverAuth" defined makes OS X ignore the certificate, I just
tested and removing (commenting out)...
#extendedKeyUsage=serverAuth
Now OS X (Snow Leopard) works perfectly. I have yet to try Lion.
The
Hi Lonnie,
I've just tested it and it stops where it tries to validate the server
certificate. We ran into this when developing the solution for iOS. Here we
just added the extra field "subjectAltName" and provide the server's FQDN. iOS
is happy with either the common name or the subjectAltName
Hi David,
Well, it *should* but I can't get it to work, and from googling I am not alone.
It complains about some certificate issue. Though for OS X, OpenVPN is my
first VPN choice and IPSecuritas
http://www.lobotomo.com/products/IPSecuritas/
works fine with IPsec + XAuth with certificates on
Lonnie,
Will the iOS VPN configuration also work with the Mac OS X built-in VPN
client?
Thanks
David
On Wed, Apr 25, 2012 at 11:17 AM, Lonnie Abelbeck wrote:
> AstLinux Users,
>
> The AstLinux Team would like to offer a preview to AstLinux 1.0.3.
>
> Keep in mind this is not a release candid
AstLinux Users,
The AstLinux Team would like to offer a preview to AstLinux 1.0.3.
Keep in mind this is not a release candidate, some additions/changes may occur
before the final AstLinux 1.0.3 release. The preview changes are shown here...
Additions for AstLinux 1.0.3:
http://astlinux.svn.sou
12 matches
Mail list logo
