VPN from an iPhone



  • Hello

    I am trying to make a VPN connection from my iPhone from my wireless network at work. I followed this guide "http://doc.pfsense.org/index.php/Mobile_IPsec_on_2.0". When I try to connect through the wireless network I get the message that the VPN server did not respond. When I turn off Wi-Fi in the iPhone settings and connect over ATT 3G the VPN connection is created without any problem. My knowledge of networking is very limited. Is there something that I am missing? Why would it connect over the ATT network but not over my local wireless network with the same settings? Any help would be greatly appreciated.

    Thanks


  • Rebel Alliance Developer Netgate

    If the VPN is listening on the WAN, it expects to receive the traffic externally for that. It doesn't expect it to come from a directly attached subnet/network.

    What are you trying to do that requires IPsec to work from a local client?

    If you select the Wi-Fi interface for the VPN, it may work from there (but then wouldn't work externally).



  • Hello jimp

    Thank you for responding to my post. I am trying to connect using my wireless network at work to my home network. If I'm reading what you said correctly, you are saying that I cannot connect my iPhone using VPN on my home wireless network. I am trying to create a tunnel with my iPhone on my work network to my home network. I can connect my laptop from work to home but this uses OpenVPN. So I know that a tunnel can be created between the two locations.

    Thanks


  • Rebel Alliance Developer Netgate

    Ah, ok, I misunderstood. I thought you were connecting to the VPN on the same router you were sitting behind.

    It's possible your firewall at work is blocking ESP or doing something else that will break ISAKMP from the iPhone.

    Make sure on your firewall at home you have NAT Translation forced on for IPsec, and if you can check on the work firewall, make sure it allows you to use udp/4500 outbound as well as udp/500 and ESP if it can't do NAT-T for some reason.

    If you are at a remote location and it works from 3G but not their wireless, there may not be anything you can do to fix their wireless if they're blocking it, especially if that blocking is done on purpose to prevent exactly what you're attempting.

    You could always jailbreak and run OpenVPN on a UDP or TCP port they allow out, but depending on what they pass/block through your work firewall that may or may not work either.
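
Added example, not part of the original thread: the last reply names udp/500, udp/4500 and ESP, and this sketch classifies UDP payloads from a capture taken on the home firewall so you can see which of them actually arrive (plain IKE, IKE behind the NAT-T non-ESP marker, NAT-T keepalives, or ESP-in-UDP per RFC 3948). The function names and the sample packets are constructed for illustration.

```python
import struct

# IKEv1 exchange types (RFC 2408 / RFC 2409)
IKEV1_EXCHANGES = {2: "Main Mode", 4: "Aggressive Mode", 5: "Informational", 32: "Quick Mode"}

def parse_ike_header(data):
    """Describe the fixed 28-byte ISAKMP/IKE header, or return None if truncated."""
    if len(data) < 28:
        return None
    _ispi, _rspi, _next, version, exch, _flags, _msgid, length = struct.unpack(
        "!8s8sBBBBII", data[:28])
    major, minor = version >> 4, version & 0x0F
    name = IKEV1_EXCHANGES.get(exch) if major == 1 else None
    return f"IKEv{major}.{minor} {name or 'exchange type ' + str(exch)}, length {length}"

def classify(server_port, payload):
    """Classify one UDP payload by the server-side port it was seen on."""
    if server_port == 500:
        return ("ike", parse_ike_header(payload) or "truncated IKE header")
    if server_port == 4500:
        if payload == b"\xff":
            return ("nat-keepalive", "1-byte NAT-T keepalive")
        if payload[:4] == b"\x00\x00\x00\x00":
            # Non-ESP marker: four zero bytes, then a normal IKE message
            return ("ike-natt", parse_ike_header(payload[4:]) or "truncated IKE header")
        if len(payload) >= 8:
            # Anything else on udp/4500 is ESP: SPI (non-zero) then sequence number
            spi, seq = struct.unpack("!II", payload[:8])
            return ("esp-in-udp", f"SPI 0x{spi:08x}, sequence {seq}")
    return ("other", f"{len(payload)} bytes on udp/{server_port}")

def sample_ike(exch):
    # Constructed sample: minimal IKEv1 header with no payloads
    return struct.pack("!8s8sBBBBII", b"\x11" * 8, b"\x00" * 8, 1, 0x10, exch, 0, 0, 28)

# Constructed capture: (server-side UDP port, UDP payload)
SAMPLE = [
    (500, sample_ike(4)),
    (4500, b"\x00" * 4 + sample_ike(4)),
    (4500, b"\xff"),
    (4500, struct.pack("!II", 0xC0FFEE01, 1) + b"\x00" * 32),
]

if __name__ == "__main__":
    for port, payload in SAMPLE:
        print(f"udp/{port}:", *classify(port, payload))
```

If only the `ike` entries on udp/500 show up and nothing ever appears on udp/4500, the exchange is stalling before NAT-T takes over, which matches the outbound filtering the reply describes.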

