IPSEC from Andoird ICS (samsung s3) to pfsense 2 problem

si_kungs

hi,
    i cannot connect using my samsung s3 with android ics to connect on pfsense ipsec vpn with the following setup. i have read and follow the mobile ipsec here on pfsense doc. but i have done it without success. any help is appreciated.

here is my setup.
    i am using a modem router with ip 192.168.1.1 .
    on router i enabled DMZ to 192.168.1.150

pfsense WAN ip 192.168.1.150
                LAN ip 192.168.254.5

@pfsense ipsec
      A. mobile client
            enable ipsec mobile client support - checked
            user authentication - system
            group authentication -system
            provide a virtual ip address to clients - checked
                  network 192.168.253.0/24

B. Phase 1
            interface WAN
            authentication mode: mutual psk + xauth
            negotiation mode: aggressive
            my identifier: My Ip address
            Peer identifier:  User distinguished name    user@vpn.com
            pre shared key      abcdef
            policy generation  unique
            proposal checking  strict
            Encryption algorithm AES 128bits
            Hash algorithm SHA1
            DH key group 2
            lifetime  86400
            Nat transversal  Force
            dead peer detection  enabled

C. Phase 2
              mode  tunnel
              local network:  type - network
                                    address - 192.168.254.0/24

protocol  - ESP
              encryption algorithm -AES 128
              Hash algorithm - SHA1
              PFS key group - off
              lifetime -28800

jimp

What shows up in the IPsec log when you try to connect?

What client settings are you using exactly?

What error shows up on the client?

Is the username and password you're using valid? (Check System > User Manager, make sure the user exists and has the IPsec dialin permission)