Pfsense/openVPN configs for OpenVPN Connect (iphone)

wylekyote

Greetings,
Can someone tell me their working crypto/cert configurations for use with an iPhone as an endpoint client into the PFSense server.

DH Parameter length (bits) 2048
Encryption Algorithm  AES-128-CBC
Auth digest algorithm SHA-1 (160 Bit)

I'd actually prefer stronger crypto, but for now thats what I set ..  When I download the .ovpn file it confirms the settings

persist-tun
persist-key
cipher AES-128-CBC
auth SHA1
tls-client
client
remote {my remote}  1194 udp
lport 0
verify-x509-name "{my name}" name
auth-user-pass
ns-cert-type server
comp-lzo adaptive

But when I start the client on the iPhone .. It errors out with "EVENT: CORE_ERROR crypto_alg DSA-SHA1 not found" I've tried multiple crypto configs for the server but they always bail out with this same error .

Thanks in advance for any advice/pointers etc

AndrewZ

Server side:
DH Parameter length (bits) 2048
Encryption Algorithm  AES-256-CBC
Auth digest algorithm SHA-256

My working client config (iPad):

persist-tun
persist-key
cipher AES-256-CBC
auth SHA256
tls-client
client
remote host.domain.tld 1194 udp
lport 0
verify-x509-name "host.domain.tld" name
auth-user-pass
ns-cert-type server
comp-lzo adaptive

 <ca>...</ca> 

 <cert>...</cert> 

 <key>...</key> 

 <tls-auth>...</tls-auth> 
 key-direction 1

wylekyote

Thanks!  I got it working..