Why can't my iPhone connect using IPsec? (re: "User authentication failed.")

ericab

anyone successfully gotten ipsec+iphone/ipad working yet ?

_igor_

Yep I use it since january more or less. Works great. I did the setup with the provided infos. Only thing when setting up the IPSEC is, you have to wait a moment before connecting your tunnel. After setting up the tunnel on pfsense i wait some time before trying. Don't know why, but minimum waiting time is 1 hour. stopping and restarting IPSEC doesn't help. Same thing happened when i changed the password in the uswr-manager. Could not connect directly, had to wait some time to get the tunnel up. I thought that some infos are cached at the iphone, but a test with the OSX IPSEC-client had the same issues.  So now i'm not sure if i'm wrong…

ericab

@mlanner:

Hey everyone,

Just a brief update … I got slammed at work. I've completely migrated to 2.0-RC1 now and will deploy and test in the next few days. Hopefully before the weekend. I'll post details when I'm done. Promise.

hello ? mlanner ?

_igor_

@ericab: Whats your problem with connecting? Which are your questions, whats not clear for you? Maybe i can help out.

At the moment i don't have an ipad, but can connect with iphone OS 3.1.2, 4.0.1, 4.3.1, with 2g, 3g, 3gs, 4. I think the ipad should be the same thing.

schnubert

Hi!

I would love it to connect my iPhone using certificates … would that be feasible and if yes what I am supposed to do?

Thanks

ericab

@_igor_:

@ericab: Whats your problem with connecting? Which are your questions, whats not clear for you? Maybe i can help out.

At the moment i don't have an ipad, but can connect with iphone OS 3.1.2, 4.0.1, 4.3.1, with 2g, 3g, 3gs, 4. I think the ipad should be the same thing.

hi igor;
the only hangup for me and most others here, is we've used this tutorial:
http://forum.pfsense.org/index.php/topic,24752.msg130558/topicseen.html#msg130558

and are at the point where we've successfully established a connection, but no traffic at all will pass to my main lan, nor to the internet.
my LAN network is 192.168.3.0/24
my ipsec network ive assigned is 192.168.4.0/24
(if you need id be happy to give you screenshots of the ipsec setup.)

i'm hoping you or mlanner would get a howto goin' about this, in a separate thread which we could point people to; that or hope that iOS 5 will allow for openvpn links  ::)

_igor_

only to clear that up:

After connect you can access from your phone/pad any service/documents which are located on LAN-side.
You try to get access to WAN from your phone via the tunnel and have no success?
You can not connect to any service/documents when trying to access from LAN to phone?

So the only thing i did was setting a rule from any to any at the IPSEC-tab.
I cann access from and to the phone, surfing the internet mostly fails with timeouts, but that happens on bad line. And that feature i rarely need.

schnubert

Hey …

do you use IPSEC with PSK method or via Certificates?

ericab

hi schnubert;
if your asking me, it is PSK

schnubert

hmm…
I would rather prefer certificates...  ???