05-27-2019 01:14 AM - edited 05-27-2019 02:37 AM
Hi everyone,
As you probably know, Mac OS X High Sierra does not provide PPTP support any more.
That's why I have to switch to IPSec VPN protocol.
My topology is the following :
When connecting from a Windows machine with ShrewSoft VPN, it works.
When connecting from Mac OS X High Sierra integrated client it fails in phase 2 with that log :
1 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: received MODECFG message when in state STATE_MAIN_R3, and we aren't xauth client 2 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: Dead Peer Detection (RFC 3706): enabled 3 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: STATE_MAIN_R3: sent MR3, ISAKMP SA established 4 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: transition from state STATE_XAUTH_R1 to state STATE_MAIN_R3 5 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: XAUTH: xauth_inR1(STF_OK) 6 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: XAUTH: User xxxxxx: Authentication Successful 7 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: XAUTH: checking user(xxxxxx:shrew) 8 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: XAUTH: password file (/etc/ipsec.d/passwd) open. 9 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: XAUTH: md5 authentication being called to authenticate user xxxxxx 10 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: XAUTH: User xxxxxx: Attempting to login 11 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: received and ignored informational message 12 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000 13 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: XAUTH: Sending Username/Password request (XAUTH_R0) 14 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: XAUTH: Sending XAUTH Login/Password Request 15 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: Dead Peer Detection (RFC 3706): enabled 16 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=OAKLEY_SHA2_256 group=modp1024} 17 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: new NAT mapping for #7, was 109.132.9.222:500, now 109.132.9.222:4500 18 2019-05-25 17:33:31 warning pluto[17571]: "shrew"[2] 109.132.9.222 #7: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
My question is the following : do I need to configure IPSec VPN server with specific parameters (such as specific algorithms or IPSec SA lifetime) ? Specific DH group ?
Anyone else encountering this problem ?
EDIT : VPN client for Android gives me the same error and warning in the logs, seems to work with Windows VPN software only
Thanks in advance,
Sebastien
07-05-2019 05:48 AM - edited 07-05-2019 05:51 AM
Hi,
Still no answer to my issue after weeks...
All I need is using my RV130W as a IPSec VPN server and connect to this VPN using a Mac or an iPhone.
What do I need to do ? (VPN correctly set up, I can connect from Windows using shrew VPN).
EDIT : does not work with Android VPN client IPSec Xauth neither, so with no mobile device at all...
If it's not compatible with Apple, why don't you tell it ?
Thank you.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: