Do I always need XAuth when using IPsec? (re: iPhone VPN and XAuth)
I'm trying to setup my iPhone with pfSense (Raccoon) IPsec and everything is working properly but I have a question…
Is it "safe" and/or possible to disable XAuth authentication and only use certificate authentication with pfSense/Raccoon?
The problem is that the iPhone doesn't save the XAuth password so I have to enter it every time I enable the VPN which is annoying since I THINK I have enough security based on the certificate authentication. Please correct me if I'm wrong.
…until someone steals your phone and then has unlimited access to your network...
The certificate auth, I believe, only replaces the pre-shared key part, not the username/password part.