Archive > 15.1 Legacy Series
IPSec Mobile client (MacOS and iOS)
eustachy:
Welcome
I have some isues from about 2 weeks when connecting from Yosemite (OSX) and iPhone (iOS 9).
I've configured connection about 2 months ago, and all works fine.
After upgrade, I can't connect from any of this devices. Windows Shrew client works ok.
I looked in logs, but nothing special (no errors).
I have this situation about 1,5 month ago, but I upgrade to next release, and all works fine.
Do You have any ideas , where to start digging?
Thanks
Rafal
franco:
Hi Rafal,
this most likely happened with 15.1.11.4 when StrongSwan got bumped from 5.3.0 to 5.3.2. I saw related commits in pfSense, e.g.
https://github.com/pfsense/pfsense/commit/29c9e14002b4a1566fa6afc6c4933b384b8e2242
I don't know the full scope of the problem yet, but I can, however, suggest a workaround based on reverting back to StrongSwan 5.3.0 in a little bit. Stay tuned.
Cheers,
Franco
eustachy:
Thanks franco for a quick reply.
I was thinking that the problem is in strongswan package.
Do You know, how can I revert back to this package?
Thanks
Rafal
franco:
From the root shell, do the following:
Please pick the right architecture and SSL flavour from the following links...
# fetch https://pkg.opnsense.org/snapshots/amd64/LibreSSL/strongswan-5.3.0_2.txz
# fetch https://pkg.opnsense.org/snapshots/amd64/OpenSSL/strongswan-5.3.0_2.txz
# fetch https://pkg.opnsense.org/snapshots/i386/LibreSSL/strongswan-5.3.0_2.txz
# fetch https://pkg.opnsense.org/snapshots/i386/OpenSSL/strongswan-5.3.0_2.txz
Afterwards:
# pkg add -f strongswan-5.3.0_2.txz
# pkg lock -y strongswan
This will prevent future firmware updates to the StrongSwan package. To unlock and go back to the latest version do this:
# pkg unlock -y strongswan
# pkg upgrade -y strongswan
Please let me know if that helps your case. :)
PS: You'll need to manually restart StrongSwan (or reboot) for the daemon to run the correct version (e.g. via the GUI)
eustachy:
Ok I try tommorow, I don't want to take overtime in work today. :)
Thanks Rafal
Navigation
[0] Message Index
[#] Next page
Go to full version