IPhone ios 5 with IPSEC and 2.1 seems to be working for me and what I had to do.



  • After looking over and over through the forums, I kinda gave up on getting it to work from the UI perspective so I just went the traditional perspective and did it via conf files. I don't know who to talk to to about possibly getting the changes in the dev side.

    Anyways.

    # This file is automatically generated. Do not edit
    path pre_shared_key "/var/etc/psk.txt";
    
    path certificate  "/var/etc";
    
    listen
    {
    	adminsock "/var/db/racoon/racoon.sock" "root" "wheel" 0660;
    	isakmp *.*.*.* [500];
    	isakmp_natt *.*.*.* [4500];
    }
    
    mode_cfg
    {
    	auth_source system;
    	group_source system;
    	pool_size 253;
    	network4 10.10.10.1;
    	netmask4 255.255.255.0;
    	save_passwd on;
    }
    
    remote anonymous
    {
    	ph1id 1;
    	exchange_mode aggressive;
    	my_identifier address *.*.*.*;
    	peers_identifier fqdn "phone";
    	ike_frag on;
    	generate_policy = unique;
    	initial_contact = off;
    	nat_traversal = on;
    
    	dpd_delay = 10;
    	dpd_maxfail = 5;
    	support_proxy on;
    	proposal_check claim;
    	passive on;
    
    	proposal
    	{
    		authentication_method xauth_psk_server;
    		encryption_algorithm 3des;
    		hash_algorithm sha1;
    		dh_group 2;
    		lifetime time 28800 secs;
    	}
    }
    
    sainfo anonymous 
    {
    	remoteid 1;
    	encryption_algorithm aes 128;
    	authentication_algorithm hmac_sha1;
    
    	lifetime time 3600 secs;
    	compression_algorithm deflate;
    }
    
    

    The part that made it seem to work is having the sainfo

    sainfo anonymous 
    {
    	remoteid 1;
    	encryption_algorithm aes 128;
    	authentication_algorithm hmac_sha1;
    
    	lifetime time 3600 secs;
    	compression_algorithm deflate;
    }
    


  • I got it working without having to modify the conf file directly via the screens.

    Here are the Screen shots

    ![Screen Shot 2011-09-16 at 12.44.04 AM.png](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.44.04 AM.png)
    ![Screen Shot 2011-09-16 at 12.44.04 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.44.04 AM.png_thumb)
    ![Screen Shot 2011-09-16 at 12.44.07 AM.png](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.44.07 AM.png)
    ![Screen Shot 2011-09-16 at 12.44.07 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.44.07 AM.png_thumb)
    ![Screen Shot 2011-09-16 at 12.44.14 AM.png](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.44.14 AM.png)
    ![Screen Shot 2011-09-16 at 12.44.14 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.44.14 AM.png_thumb)
    ![Screen Shot 2011-09-16 at 12.44.34 AM.png](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.44.34 AM.png)
    ![Screen Shot 2011-09-16 at 12.44.34 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.44.34 AM.png_thumb)
    ![Screen Shot 2011-09-16 at 12.44.39 AM.png](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.44.39 AM.png)
    ![Screen Shot 2011-09-16 at 12.44.39 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.44.39 AM.png_thumb)
    ![Screen Shot 2011-09-16 at 12.47.50 AM.png](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.47.50 AM.png)
    ![Screen Shot 2011-09-16 at 12.47.50 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.47.50 AM.png_thumb)



  • here are the rest of the settings

    ![Screen Shot 2011-09-16 at 12.48.02 AM.png](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.48.02 AM.png)
    ![Screen Shot 2011-09-16 at 12.48.02 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.48.02 AM.png_thumb)
    ![Screen Shot 2011-09-16 at 12.44.23 AM.png](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.44.23 AM.png)
    ![Screen Shot 2011-09-16 at 12.44.23 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2011-09-16 at 12.44.23 AM.png_thumb)


Log in to reply