-
If your Android phone has or is getting a Gingerbread update, you can use IPsec+PSK+xauth. :-)
http://doc.pfsense.org/index.php/Android_VPN_Connectivity
-
Thanks for the L2TP tip! I got SSH working easily enough, but doesn't actually do anything beyond being able to configure pfSense. The tunnel doesn't work, apparently because my version of Android (CM7.03) doesn't have iptables.
-
I wish I had better results. The new info in the docs (Wasn't there a day or so ago) didn't look anything like either my pfSense l2TP config, or my Android config. I tried to wing it, but it won't connect. Maybe I'll have to fight with OpenVPN some more.
-
I just wrote the IPsec+PSK+xauth bits on that doc yesterday. My phone just pulled down the Gingerbread OTA update the day before last so I didn't know it was even possible before then.
I haven't rooted my phone so I was working within what the base OS allows. If you have rooted your phone, OpenVPN is an option. I haven't heard of it being difficult before, but I also haven't heard any real details on what it takes to get going. I imagine the hard part would just be getting the certs onto the phone, but there are ways around that I'm sure (e-mail, ssh, etc)
-
Well, I tried the instructions at: http://forum.pfsense.org/index.php/topic,34714.msg180818.html#msg180818
I'm stuck at the point of trying to download the certs. There doesn't seem to be the option to download them. Earlier, I downloaded them manually, so I'm not sure what extra the cert download plugin does. Brain needs a restโฆ
-
There isn't much in that "guide" there really. That's just the basic OpenVPN setup. Some things are overcomplicated there.
If you install the OpenVPN client export package, you can get a .zip with all of the files you need.
-
You don't see these links?
He was not looking at the guide in the stickies - he was looking at a step by step walk through that razzor put up back in march that I linked to on his question about a step by step.ย He even reposted the link to the walk thru, so I have to believe that is what he is looking at, not the sticky.
-
That's correct. I don't see the option to download the certs. I'm guessing maybe it was because I skipped the first few steps, because I had already made the certs from a previous attempt. I actually downloaded those certs, before I even installed the export plugin. Is the plugin required?
-
If you read the notes on the client export page, the clients will only show up there if things are setup properly.
The most common error is to have one CA selected in the OpenVPN server and then the certificates you made are actually from another CA entirely. If the certificate CA doesn't match the server CA, they won't show up.
-
"I'm guessing maybe it was because I skipped the first few steps"
"Is the plugin required?"So you ask for a step by step โ and then you just skip steps, yeah not following instructions then sure its a nightmare to setup ;)