IPSec VPN Working for OS X Mavericks

In iOS IPSec VPN Server on Ubuntu, I host a VPN on Ubuntu 13.10 based on StrongSwan 4.x, working for iOS, but not for OSX.

Then I upgraded to Ubuntu 14.04, which has StrongSwan upgraded to 5.x, error like:

To fix this, install all strongswan’s plugins by:

And make some changes to configurations:

Replace with strongswan.conf.dpkg-dist

After these, VPN is connectable by OS X but DNS settings is not pushed to the client-side



If you get a error saying the certificate is not trusted, and then check /var/log/system.log, you may found

If you have debug logging enabled in /etc/racoon/racoon.conf like

You may see more detail in /var/log/racoon.log, kSecTrustResultRecoverableTrustFailure might be a useful keyword.
Google it, the only useful article is http://www.traud.de/vpn/ but still not working here.

I tried on my macbook pro, and also as a dude told me, the Root CA I gave and the mobileconfig worked without any error nor warning.
But on my mac mini and from some others, error like above, which stopped me getting ipsec on os x work before.

I tried to delete the certificate, both root ca and client’s, from Keychain Access app, and the mobileconfig from Profiles in Preferences, reinstall like firstly CA secondly mobileconfig, check if the mobileconfig is signed and has passed the certificate verification, green light on then there it goes.

IPSec VPN Working for OS X Mavericks by @sskaje: https://sskaje.me/2014/04/ipsec-vpn-working-os-mavericks/

Incoming search terms:

iOS IPSec VPN Server on Ubuntu

I Google-ed a lot configuring IPSec VPN for iOS with OpenSwan, nothing useful but Iphone/Ipad/Mac OSX IPSEC VPN with Strongswan 5 on Centos/RHEL 6 which is on RHEL/CentOS and with strongswan found. I tried to configure openswan like strong swan, failed.

StrongSwan‘s official wiki helps a lot: http://wiki.strongswan.org/projects/strongswan/wiki/IOS_(Apple)/23

iOS 4 and newer supports native IPsec VPN via IKEv1 (otherwise referred to as Cisco IPSec in iOS) and is able to interoperate with strongSwan.


Work station

OS X 10.9
openssl from macports(OpenSSL 1.0.1f 6 Jan 2014).
Apple Configurator

VPN Server

Ubuntu 13.10


iOS 7.0.5
Continue reading “iOS IPSec VPN Server on Ubuntu” »

iOS IPSec VPN Server on Ubuntu by @sskaje: https://sskaje.me/2014/02/ios-ipsec-vpn-server-on-ubuntu/

Notes: PPTP/L2TP Server on Ubuntu

From: https://help.ubuntu.com/community/PPTPServer and https://help.ubuntu.com/community/L2TPServer

This is an integrated & simplified intro about installing pptp/l2tp server on ubuntu 12.04.


pptpd, xl2tpd, openswan are needed.
ppp should be installed by default, you can apt-get install ppp just for sure.
dnsmasq is needed to simplify dns issue.
So, just type commands:


Server ip is assigned as:
Client ip are in :

Continue reading “Notes: PPTP/L2TP Server on Ubuntu” »

Notes: PPTP/L2TP Server on Ubuntu by @sskaje: https://sskaje.me/2013/10/notes-pptpl2tp-server-on-ubuntu/