[strongSwan] Questions about import sswan file.

2017-05-15 Thread Newell Zhu
Hi guys, I find that strongSwan 1.8.x for Android supports importing VPN configurations. It’s amazing. I have some questions; I hope anyone can give me a hand. Actually, I read the article: https://wiki.strongswan.org/projects/strongswan/wiki/AndroidVPNClientProfiles

Re: [strongSwan] Questions about import sswan file.

2017-05-15 Thread Tobias Brunner
Hi,
> Can I direct read URL via strongSwan to complete import?
No, but the next version will allow importing VPN profiles via Storage Access Framework (on Android versions that support it). So users can browse to a downloaded file and the MIME-type or filename doesn't matter.
> Can the strongSw

[strongSwan] Custom MODP Group support

2017-05-15 Thread Piotr Soróbka
Hi, is it possible to configure custom DH prime and generator? I saw some lines of code, but it seems that this is not configurable. Best, Piotr

Re: [strongSwan] Custom MODP Group support

2017-05-15 Thread Noel Kuntze
Hello Piotr,
On 15.05.2017 14:19, Piotr Soróbka wrote:
> is it possible to configure custom DH prime and generator? I saw some lines
> of code, but it seems that this is not configurable.
You need to add the identifiers and keywords and a plugin that implements the algorithms. So no, you can't c

[strongSwan] signature validation failed error

2017-05-15 Thread Piyush Agarwal
Hi, I am running into a strange issue and would appreciate any help in debugging what could be going wrong. I am using self-signed certs for both my client and server. The client sends its cert to the server (via an out-of-band channel) and vice versa so that verification can be done. I am using the same su

Re: [strongSwan] signature validation failed error

2017-05-15 Thread Piyush Agarwal
I made some progress debugging this. For a start, I changed the DN of my client's self-signed cert to be based on a timestamp (this is generated every 30 seconds when IPsec is down). With this change, I now do NOT see the "signature validation failed" error. However, now I see "no matching peer config fo