时间戳

首页 > 解决方案 > 无法使用 SharedSecret 建立 VPN 连接

ios - 无法使用 SharedSecret 建立 VPN 连接

问题描述

我正在尝试使用Swift. 我已经创建了类VpnHandler,并且正在使用钥匙串Swift来保留钥匙串参考。我的代码如下所示:

    import Foundation
    import NetworkExtension
    import KeychainSwift
    
    
    final class VPNHandler {

    let vpnManager = NEVPNManager.shared()
    
    func initVPNTunnelProviderManager(serverAdress: String, remoteIdentifier : String, sharedSecred:String) {
        let sharedKey = sharedSecred.data(using: .utf8)
        let keychain = KeychainSwift()
        guard let sharedKey = sharedKey else { return }
        keychain.set(sharedKey, forKey: "shared_secret")
        vpnManager.loadFromPreferences { error in
            if let error = error {
                print(error.localizedDescription)
                return
            }
            let IKEv2Protocol = NEVPNProtocolIKEv2()
            IKEv2Protocol.username = nil
            IKEv2Protocol.localIdentifier = nil
            IKEv2Protocol.serverAddress = serverAdress
            IKEv2Protocol.remoteIdentifier = remoteIdentifier
            IKEv2Protocol.authenticationMethod = .sharedSecret
            IKEv2Protocol.disconnectOnSleep = false
            IKEv2Protocol.useExtendedAuthentication = false
            IKEv2Protocol.sharedSecretReference = keychain.getData("shared_secret", asReference: true)
            IKEv2Protocol.passwordReference = nil
            var rules = [NEOnDemandRule]()
            let rule = NEOnDemandRuleConnect()
            rule.interfaceTypeMatch = .any
            rules.append(rule)
            self.vpnManager.localizedDescription = "My VPN"
            self.vpnManager.protocolConfiguration = IKEv2Protocol
            self.vpnManager.onDemandRules = rules
            self.vpnManager.isOnDemandEnabled = true
            self.vpnManager.isEnabled = true
            print("SAVE TO PREFERENCES...")
            self.vpnManager.saveToPreferences { error in
                if (error != nil) {
                    print(error!)
                    return
                }
                print("CALL LOAD TO PREFERENCES AGAIN...")
                self.vpnManager.loadFromPreferences { error in
                    if let error = error {
                        print(error.localizedDescription)
                        return
                    }
                    do {
                        try self.vpnManager.connection.startVPNTunnel()
                        print("Starting VPN...")
                    } catch let error {
                        print("can't connect VPN'")
                        print(error.localizedDescription)
                    }
                }
            }
        }
    } 
}

当我调用该函数initVPNTunnelProviderManager时,会创建电话设置中的 vpn 配置。我们的应用程序开始连接到 vpn,但随后立即断开连接。当我们在电话设置中连接 vpn 配置时,它正在工作。我不知道问题是什么。

任何帮助表示赞赏。

提前致谢

标签: iosswiftvpnnetworkextensionnevpnmanager

解决方案

我刚刚解决了这个问题。在 /etc/ipsec.conf 文件中的服务器中,替换以下内容:

ike=aes256-sha1-modp1024,3des-sha1-modp1024!,aes256-sha2_256
    esp=aes256-sha1,3des-sha1!

With 

ike=aes256-sha2_256-modp2048
esp=aes256-sha2_256

推荐阅读