1 |
On Friday 19 Feb 2016 14:51:40 Daniel Quinn wrote: |
2 |
> Hello all, I’ve been asked to connect my Gentoo box to a StrongSwan VPN |
3 |
> and was offered a .mobileconfig file as means to connect. Unfortunately, |
4 |
> this appears to be a special-Apple-only-format and I can’t make heads or |
5 |
> tails of the contents. |
6 |
|
7 |
As I understand it this is a file in XML format to pass on to the apple client |
8 |
(iPhone and the like) the configuration parameters for the VPN connection. |
9 |
|
10 |
|
11 |
> I understand that the server is Ubuntu running |
12 |
> StrongSwan using a shared secret, but that’s all I know at this point, |
13 |
> so my questions are: |
14 |
> |
15 |
> * Can I use NetworkManager (and as I understand it, LibreSwan) to |
16 |
> connect? |
17 |
> o If so, how do I translate the fields in the .mobileconfig to |
18 |
> gateway, group name, user password, group password, user name, |
19 |
> phase 1 algorithms, phase 2 algorithms, and domain? (The fields |
20 |
> presented in GNOME’s NetworkManager dialogue for an OpenSwan VPN). |
21 |
|
22 |
Have you tried using strongswan instead? It has a plugin for networkmanager, |
23 |
so I guess the configuration file will translate to what you see in the NM |
24 |
GUI. |
25 |
|
26 |
I do not have access to a .mobileconfig file to know what it looks like, but |
27 |
if you can obfuscate anything private and share the rest I can try to guess |
28 |
how it corresponds to the strongswan configuration file. |
29 |
|
30 |
|
31 |
> * If I can’t (or shouldn’t?) use NetworkManager, what’s the right way |
32 |
> to handle this? Is there a utility for handling .mobileconfig files |
33 |
> in Linux? |
34 |
|
35 |
I don't know of a utility that can parse the .mobileconfig file, other than |
36 |
trying it in an iPhone to see what settings it applies. However, once you |
37 |
find out what these settings are you can enter them in the strongswan |
38 |
configuration file and NM ought to just use them. |
39 |
|
40 |
-- |
41 |
Regards, |
42 |
Mick |