IKEv2



  • Does pfSense 2 support IKEv2?

    If not.. Why? A lot of vendors have had it since 2008.



  • The short answer is no, since pfSense is currently using ipsec-tools (racoon) which only supports IKEv1.

    Perhaps at some point in the future it may be replaced with StrongSWAN (http://wiki.strongswan.org/projects/strongswan/wiki/FreeBSD) which supports IKEv2.


  • Rebel Alliance Developer Netgate

    I doubt such a switch would happen, the times I have been forced to interact with StrongSWAN have not been pleasant, and the amount of work to switch it would be significant.

    There is also Racoon2 but it doesn't seem to be very active.



  • I guess this feature request is going to come up more often in the near future, by all those who need a Roadwarrior VPN solution that, unlike OpenVPN, won't require any software install on the client device.

    Since PPTP is practically dead, we're left with L2TP/IPSec (MS Windows versions pre-Win7) and IPsec IKEv2 (Win7), none of which is currently supported by pfSense …


  • Rebel Alliance Developer Netgate

    That may be, but that doesn't mean it'll happen any sooner.

    Not unless someone either steps up and does the work or funds it.

    OpenVPN works great, there's really no reason to stick to the old "I don't want to install a client" mantra.



  • Open VPN would be great if only Apple would allow the ap in the app store…..........

    Am I correct in the statements:

    Mobile ipsec works with ios natively but not with windows 7,
    openvpn works with windows 7 (with client installed) but not on an unjail broken iphone

    Really want to avoid having to run both.

    Any input greatly appreciated.


  • Rebel Alliance Developer Netgate

    Mobile IPsec works with pretty much anything except Windows' built-in client. You can install the Shrew Soft client to make it work there.

    OpenVPN works with pretty much anything except iOS.


Log in to reply