Visual Guide to Configuring IPSec VPN using RSA + Xauth and iOS Roadwarriors
-
Once the issues have been troubleshooted, I'd suggest adding these step-by-step docs to the PfSense wiki
-
I suggest also adding these step-by-step docs to the PfSense wiki.
Also there is no need to wait for my (I'm sure) special personal problems:
I just tried it with another iPhone (same model / same iOS Version / same modem version) and there it works like a charm!
On this second iPhone it works with 3G and also direct out of the company networks WLAN.
On my iPhone WLAN and 3G doesn't work.So it must have something to do with my iPhone. But I have no idea what this can be! ???
-
OK - I think I know the problem now.
I found other guys on the internet who have VPN problems like me (timeout) after untethered jailbreak of iOS 5.01 - and that's the big difference between my iPhone and the other one. Just to make clear: I have a neverlocked iPhone direct from Apple-Store and use the jailbreak for IT related software which is not available in AppStore (e.g. SSH). So i never hacked baseband or something like that. But it seems that the untethered jailbreak itself breaks VPN functions!
-
Glad to hear it is working.
-
There is only one last thing, which is a little bit annoying:
If I uncheck the box with "Provide login banner to clients", there comes an empty login banner up. Is there no possibility to completly disable the banner? I use VPN on demand and so I have to click all the time on "OK" on the iPhone…
-
If you are talking about the message 'VPN Connection' with buttons OK and disconnect that iOS shows after connection is established then I don't think there is a way to disable that.
-
Thanks for the guide using it and iphone Configuration utility I was able to setup my iphone with VPN on demand, which is a slick feature with one issue. I can not figure out how to make it save my password. Everytime I connect to the VPN it prompts for the user password. It appears if you create the VPN connection on the phone manually via this guide it will save the user password, however if you do it via the iphone configuration utility I do not see a way to save the password.
Any ideas?
-
Thanks for the guide using it and iphone Configuration utility I was able to setup my iphone with VPN on demand, which is a slick feature with one issue. I can not figure out how to make it save my password. Everytime I connect to the VPN it prompts for the user password. It appears if you create the VPN connection on the phone manually via this guide it will save the user password, however if you do it via the iphone configuration utility I do not see a way to save the password.
Any ideas?
Create an unsigned .mobileconfig and edit it with any text editor. Add these two lines behind the XAuthName-Block:
<key>XAuthPassword</key> <string>Your Password</string>Best regards,
Thorsten
-
Sweet will give that a shot this info. Odd that if the configs support such a feature that the tool would not have the interface to use it. Course Apple is known for lack of options.
-
Odd that if the configs support such a feature that the tool would not have the interface to use it. Course Apple is known for lack of options.
I think it's just because everybody could read the password as clear text…
-
Odd that if the configs support such a feature that the tool would not have the interface to use it. Course Apple is known for lack of options.
I think it's just because everybody could read the password as clear text…
Well there are ways they could encrypt the password to at least make it more difficult to see.
-
Create an unsigned .mobileconfig and edit it with any text editor. Add these two lines behind the XAuthName-Block:
<key>XAuthPassword</key> <string>Your Password</string>Best regards,
Thorsten
This did not seem to work. I assume after I edit the file I open the file with iphone configurator to load it on the iphone.
-
If I export the conf back out the added lines are not there
-
I figured it out:)
You need to email the mobileconfig file to your phone and install it via the email on the phone. Success.
-
For whatever reason, racoon segfaults when I run RSA+Xauth after the client sends back the XAUTH_USER_PASSWORD. This doesn't happen with PSK+Xauth oddly. >:(