FireBrick IPSEC on Apple MacOS X: Difference between revisions

mNo edit summary
mNo edit summary
 
== Installing the certificate into OSX ==
 
 
==Unsupported integrity algorithm==
There is one "gotcha" with StrongSwan on MAC though - it may negotiate an encryption algorithm for the data connection which OS X doesn't support, the FireBrick will create a log like:
 
failed to create ESP context: unsupported integrity algorithm AES_XCBC_96
 
This really a bug in the way the StrongSwan app was built - it shouldn't negotiate something if the underlying OS can't do it! However, the easy workaround is to set up an ipsec-proposal to avoid this.
 
 
[[Category:FireBrick_Tunnels|IPSec OSX]]
Retrieved from ‘http://support.aa.net.uk/FireBrick_IPSEC_on_Apple_MacOS_X