Why can't my iPhone connect using IPsec? (re: "User authentication failed.")

ericab · Apr 10, 2011, 5:11 PM

anyone successfully gotten ipsec+iphone/ipad working yet ?

_igor_ · Apr 11, 2011, 1:34 PM

Yep I use it since january more or less. Works great. I did the setup with the provided infos. Only thing when setting up the IPSEC is, you have to wait a moment before connecting your tunnel. After setting up the tunnel on pfsense i wait some time before trying. Don't know why, but minimum waiting time is 1 hour. stopping and restarting IPSEC doesn't help. Same thing happened when i changed the password in the uswr-manager. Could not connect directly, had to wait some time to get the tunnel up. I thought that some infos are cached at the iphone, but a test with the OSX IPSEC-client had the same issues. So now i'm not sure if i'm wrong…

ericab · Apr 19, 2011, 4:11 AM

@mlanner:

Hey everyone,

Just a brief update … I got slammed at work. I've completely migrated to 2.0-RC1 now and will deploy and test in the next few days. Hopefully before the weekend. I'll post details when I'm done. Promise.

hello ? mlanner ?

_igor_ · Apr 20, 2011, 10:54 AM

@ericab: Whats your problem with connecting? Which are your questions, whats not clear for you? Maybe i can help out.

At the moment i don't have an ipad, but can connect with iphone OS 3.1.2, 4.0.1, 4.3.1, with 2g, 3g, 3gs, 4. I think the ipad should be the same thing.

schnubert · Apr 20, 2011, 12:02 PM

Hi!

I would love it to connect my iPhone using certificates … would that be feasible and if yes what I am supposed to do?

Thanks

ericab · Apr 20, 2011, 5:41 PM

@_igor_:

@ericab: Whats your problem with connecting? Which are your questions, whats not clear for you? Maybe i can help out.

At the moment i don't have an ipad, but can connect with iphone OS 3.1.2, 4.0.1, 4.3.1, with 2g, 3g, 3gs, 4. I think the ipad should be the same thing.

hi igor;
the only hangup for me and most others here, is we've used this tutorial:
http://forum.pfsense.org/index.php/topic,24752.msg130558/topicseen.html#msg130558

and are at the point where we've successfully established a connection, but no traffic at all will pass to my main lan, nor to the internet.
my LAN network is 192.168.3.0/24
my ipsec network ive assigned is 192.168.4.0/24
(if you need id be happy to give you screenshots of the ipsec setup.)

i'm hoping you or mlanner would get a howto goin' about this, in a separate thread which we could point people to; that or hope that iOS 5 will allow for openvpn links ::)

_igor_ · Apr 20, 2011, 7:02 PM

only to clear that up:

After connect you can access from your phone/pad any service/documents which are located on LAN-side.
You try to get access to WAN from your phone via the tunnel and have no success?
You can not connect to any service/documents when trying to access from LAN to phone?

So the only thing i did was setting a rule from any to any at the IPSEC-tab.
I cann access from and to the phone, surfing the internet mostly fails with timeouts, but that happens on bad line. And that feature i rarely need.

schnubert · Apr 21, 2011, 7:49 AM

Hey …

do you use IPSEC with PSK method or via Certificates?

ericab · Apr 21, 2011, 5:01 PM

hi schnubert;
if your asking me, it is PSK

schnubert · Apr 21, 2011, 10:28 PM

hmm…
I would rather prefer certificates... ???