IPSec VPN Working for OS X Mavericks

In iOS IPSec VPN Server on Ubuntu, I host a VPN on Ubuntu 13.10 based on StrongSwan 4.x, working for iOS, but not for OSX.

Then I upgraded to Ubuntu 14.04, which has StrongSwan upgraded to 5.x, error like:

To fix this, install all strongswan’s plugins by:

And make some changes to configurations:

Replace with strongswan.conf.dpkg-dist

After these, VPN is connectable by OS X but DNS settings is not pushed to the client-side



If you get a error saying the certificate is not trusted, and then check /var/log/system.log, you may found

If you have debug logging enabled in /etc/racoon/racoon.conf like

You may see more detail in /var/log/racoon.log, kSecTrustResultRecoverableTrustFailure might be a useful keyword.
Google it, the only useful article is http://www.traud.de/vpn/ but still not working here.

I tried on my macbook pro, and also as a dude told me, the Root CA I gave and the mobileconfig worked without any error nor warning.
But on my mac mini and from some others, error like above, which stopped me getting ipsec on os x work before.

I tried to delete the certificate, both root ca and client’s, from Keychain Access app, and the mobileconfig from Profiles in Preferences, reinstall like firstly CA secondly mobileconfig, check if the mobileconfig is signed and has passed the certificate verification, green light on then there it goes.

IPSec VPN Working for OS X Mavericks by @sskaje: https://sskaje.me/2014/04/ipsec-vpn-working-os-mavericks/

Incoming search terms: