FireBrick IPSEC on Apple MacOS X: Difference between revisions
mNo edit summary |
mNo edit summary |
||
== Installing the certificate into OSX ==
==Unsupported integrity algorithm==
There is one "gotcha" with StrongSwan on MAC though - it may negotiate an encryption algorithm for the data connection which OS X doesn't support, the FireBrick will create a log like:
failed to create ESP context: unsupported integrity algorithm AES_XCBC_96
This really a bug in the way the StrongSwan app was built - it shouldn't negotiate something if the underlying OS can't do it! However, the easy workaround is to set up an ipsec-proposal to avoid this.
[[Category:FireBrick_Tunnels|IPSec OSX]]
|