Phase 2 Failure on Android

mbrossar

Greetings gents.  New to the forum, new to firewalls and new to configuring IPSec VPNs, so the following may well be a rookie mistake, but I can't find it referenced anywhere.  My definitions are working great for OS X and iOS devices.  Android devices pass phase 1 but fail phase 2.  Configurations look like this.

pfSense
Protocol: ESP
Encryption Algorithms: 3DES
Hash Algorithms:  SHA1
PFS Key Group:  Off
Lifetime:  3600

Android
Type:  IPSec xauth PSK

Log
racoon: [x.x.x.x] ERROR: failed to pre-process ph2 packet [Check Phase 2 settings, networks] (side: 1, status: 1).
racoon: ERROR: failed to get sainfo.
racoon: ERROR: failed to get sainfo.
racoon: [Self]: INFO: respond new phase 2 negotiation: n.n.n.n[4500]<=>x.x.x.x[57059]

Any thoughts on what I'm doing wrong?

jimp

How exactly do you have the Android device configured?

Last I tried it, http://doc.pfsense.org/index.php/Mobile_IPsec_on_2.0#Device_Setup_.28Android.29 worked for me on all of my Android devices.

Though I've long since ditched IPsec in favor of OpenVPN for mobile access