User authentication failed with iPhone and IPsec VPN
I've configured a VPN on pfSense using these instructions:
I'm able to successfully connect to the VPN my Windows 10 laptop, but when I try to connect my iPhone using the same username and password, I get the following message:
User authentication failed
The iPhone is using iOS 12.1.
Here are the last few entries of the log:
Dec 5 09:30:56 charon 01[ENC] <con-mobile|6> generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ] Dec 5 09:30:56 charon 01[ENC] <con-mobile|6> splitting IKE message with length of 1552 bytes into 2 fragments Dec 5 09:30:56 charon 01[ENC] <con-mobile|6> generating IKE_AUTH response 1 [ EF(1/2) ] Dec 5 09:30:56 charon 01[ENC] <con-mobile|6> generating IKE_AUTH response 1 [ EF(2/2) ] Dec 5 09:30:56 charon 01[NET] <con-mobile|6> sending packet: from 220.127.116.11 to 18.104.22.168 (1236 bytes) Dec 5 09:30:56 charon 01[NET] <con-mobile|6> sending packet: from 22.214.171.124 to 126.96.36.199 (388 bytes) Dec 5 09:31:26 charon 15[JOB] <con-mobile|6> deleting half open IKE_SA with 188.8.131.52 after timeout Dec 5 09:31:26 charon 15[IKE] <con-mobile|6> IKE_SA con-mobile state change: CONNECTING => DESTROYING
It seems that the iPhone is never reponding to the IKE_AUTH response 1.
I'm not sure what to do next to troubleshoot this. Thanks in advance for your help!
I figured out the problem.
I had exported and installed the wrong cert on my phone. Instead of installing the CA cert, I had mistakenly installed the "Server Certificate".
After correcting this, I was able to connect to the VPN successfully.
Hopefully this will help someone else.
@avalanchis I am SOOOO glad you commented on the resolution in this thread, I made exactly the same error and after hours of trying and surfing I found your thread, THANKS!
@murphster_matt What's funny about this is that I had the same problem when trying to set up a different phone, and I'd completely forgotten about this solution until you posted your comment! Thanks for reminding me!