[2.2] Strong Swan DNS Problems with mobile users
-
Well I guess nobody cares except those that are affected by this…
-
I was hung up in the same situation. I took my first crack at OpenVPN which I got configured, routing and pushing out client install packages in about 15 minutes. Very slick on both iOS and PC.
-
Well I guess nobody cares except those that are affected by this…
What's not reported cannot get fixed => https://redmine.pfsense.org/issues/4418
-
For what it's worth I have asked several times about setting up an IPSEC VPN with a current version of iOS (apple iphone, not Cisco). I can't get it to work for the life of me but for some reason vpn'ing back in via your iPhone or iPad doesn't seem to get a lot of attention here. If I could figure it out I'd be happy to create a nice guide with screenshots, etc and hopefully put it up on the Wiki.
I feel OpenVPN (which does work well) is clunky and I would prefer a "built-in" option.
-
What's not reported cannot get fixed => https://redmine.pfsense.org/issues/4418
Thanks notor, I was already looking into it.
but for some reason vpn'ing back in via your iPhone or iPad doesn't seem to get a lot of attention here.
Because it works perfectly fine. And there are instructions.
https://doc.pfsense.org/index.php/IPsec_Road_Warrior/Mobile_Client_How-To
though the instructions in the 2.1x book are better in general, and equally applicable to 2.2.I tend to have to limit my involvement here to things that are quickly addressable, or things indicative of a bug of some sort. We setup mobile IPsec for iOS for support customers all the time, and use it ourselves with iOS and OS X.
-
Can you please test the change done for https://redmine.pfsense.org/issues/4418 and report back?
-
@ermal:
Can you please test the change done for https://redmine.pfsense.org/issues/4418 and report back?
Cannot see any commit there. In general, there seems to be some issue with Redmine showing commits with a significant delay.
EDIT: Finally there, took over 30 minutes ???
-
Thanks for looking into this!
-
Just found a workaround by appending another bogus domain name in my split-dns list from: "mydomain.com" to "mydomain.com bogus.com". That seemed to do the trick.
-
Just found a workaround by appending another bogus domain name in my split-dns list from: "mydomain.com" to "mydomain.com bogus.com". That seemed to do the trick.
That'll work around it. The root issue, which was a client-side problem, was fixed in OS X El Capitan for sure, and I believe a newer iOS version than this thread originally referenced as well.