Gentoo Archives: gentoo-user

From: Mick <michaelkintzios@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] (Free|Open|Strong)Swan and Gentoo as a client
Date: Fri, 19 Feb 2016 15:36:57
Message-Id: 1968548.gLDc9yfPaX@dell_xps
In Reply to: [gentoo-user] (Free|Open|Strong)Swan and Gentoo as a client by Daniel Quinn
1 On Friday 19 Feb 2016 14:51:40 Daniel Quinn wrote:
2 > Hello all, I’ve been asked to connect my Gentoo box to a StrongSwan VPN
3 > and was offered a .mobileconfig file as means to connect. Unfortunately,
4 > this appears to be a special-Apple-only-format and I can’t make heads or
5 > tails of the contents.
6
7 As I understand it this is a file in XML format to pass on to the apple client
8 (iPhone and the like) the configuration parameters for the VPN connection.
9
10
11 > I understand that the server is Ubuntu running
12 > StrongSwan using a shared secret, but that’s all I know at this point,
13 > so my questions are:
14 >
15 > * Can I use NetworkManager (and as I understand it, LibreSwan) to
16 > connect?
17 > o If so, how do I translate the fields in the .mobileconfig to
18 > gateway, group name, user password, group password, user name,
19 > phase 1 algorithms, phase 2 algorithms, and domain? (The fields
20 > presented in GNOME’s NetworkManager dialogue for an OpenSwan VPN).
21
22 Have you tried using strongswan instead? It has a plugin for networkmanager,
23 so I guess the configuration file will translate to what you see in the NM
24 GUI.
25
26 I do not have access to a .mobileconfig file to know what it looks like, but
27 if you can obfuscate anything private and share the rest I can try to guess
28 how it corresponds to the strongswan configuration file.
29
30
31 > * If I can’t (or shouldn’t?) use NetworkManager, what’s the right way
32 > to handle this? Is there a utility for handling .mobileconfig files
33 > in Linux?
34
35 I don't know of a utility that can parse the .mobileconfig file, other than
36 trying it in an iPhone to see what settings it applies. However, once you
37 find out what these settings are you can enter them in the strongswan
38 configuration file and NM ought to just use them.
39
40 --
41 Regards,
42 Mick

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-user] (Free|Open|Strong)Swan and Gentoo as a client Mick <michaelkintzios@×××××.com>
Re: [gentoo-user] (Free|Open|Strong)Swan and Gentoo as a client Daniel Quinn <gentoo@×××××××××××.org>