Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    How to translate ipsec client options

    IPsec
    2
    3
    975
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jason0 last edited by

      Hello,

      I am currently testing against a 2.0.3 firewall in a vmware environment.

      I support macintosh, and windows clients here at my office.  I am trying to setup a reliable road-warrior ipsec vpn.  I am having troubles with it, but I will leave that for another post.

      I am looking at more than two different vpn clients.

      The first one is using shrewsoft 2.2.2 (free) client for windows.  I see in its options bits like:

      • general options: auto configuration

        • ike config pull/push

        • dhcp over ipsec

      The second one is MacOS 10.8 vpn (cisco ipsec)

      Additional clients include android and iphone (ios?).

      How do I figure out what the options mean and whether they map to pfsense's ipsec settings?  OR, in the case of the Macintosh, what settings to use on pfsense?  (for instance, mutual psk+ xauth?)

      I have been digging through the pfsense docs and wiki site.  I am looking to find how much pfsense ipsec conforms to what the IETF calls 'ipsec'.

      ARe there certain minimum settings that most, if not all ipsec clients will conform to?

      I also noticed that the pfsense ipsec settings (appear to) only allow ONE set of phase 1 settings for mobile clients.  Is there a way to specify more than one in case there are no commonalities between the two mentioned clients?

      Thank you for reading through my post.

      –jason

      1 Reply Last reply Reply Quote 0
      • J
        jason0 last edited by

        I have had some traction on this, and I will post my results shortly…

        --jason

        1 Reply Last reply Reply Quote 0
        • jimp
          jimp Rebel Alliance Developer Netgate last edited by

          The settings for mobile IPsec on the wiki have been confirmed to work on every platform you mention: Windows via Shrew Soft, OS X's built-in client, iOS, and Android (and others)

          There are some client notes on the wiki but the most complete source of information will be the updated official pfSense book for 2.1 that will be coming out soon. It has a walk-through for configuring most of those clients, if not all of them.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post