Pfsense/openVPN configs for OpenVPN Connect (iphone)
-
Greetings,
Can someone tell me their working crypto/cert configurations for use with an iPhone as an endpoint client into the PFSense server.DH Parameter length (bits) 2048
Encryption Algorithm AES-128-CBC
Auth digest algorithm SHA-1 (160 Bit)I'd actually prefer stronger crypto, but for now thats what I set .. When I download the .ovpn file it confirms the settings
persist-tun
persist-key
cipher AES-128-CBC
auth SHA1
tls-client
client
remote {my remote} 1194 udp
lport 0
verify-x509-name "{my name}" name
auth-user-pass
ns-cert-type server
comp-lzo adaptiveBut when I start the client on the iPhone .. It errors out with "EVENT: CORE_ERROR crypto_alg DSA-SHA1 not found" I've tried multiple crypto configs for the server but they always bail out with this same error .
Thanks in advance for any advice/pointers etc
-
Server side:
DH Parameter length (bits) 2048
Encryption Algorithm AES-256-CBC
Auth digest algorithm SHA-256My working client config (iPad):
persist-tun persist-key cipher AES-256-CBC auth SHA256 tls-client client remote host.domain.tld 1194 udp lport 0 verify-x509-name "host.domain.tld" name auth-user-pass ns-cert-type server comp-lzo adaptive <ca>...</ca> <cert>...</cert> <key>...</key> <tls-auth>...</tls-auth> key-direction 1
-
Thanks! I got it working..