Apple seems to have silently fixed their racoon code, which is known to be buggy with SHA-256 authentication algorithm truncation. The problem can also be fixed for racoon gateways by removing hmac_sha256 from the list of IKE phase 2 authentication algorithm proposals. Unfortunately, Apple iPhones with iOS 13 then choose the weak SHA-1 algorithm. A better solution would be if Apple informed about the fixes applied to their racoon fork in order to support the open source community in porting the changes back to the racoon implementations of other distributions.