Mobile VPN client (IPSec)



  • Using the exact same settings as a 2.1.5 install, I get a connection but can't reach any local resources aside from the pfSense, or anything on the far end of a site-to-site VPN. Works fine getting out to the internet via the pfSense though.

    The only difference I see is under Status/IPSec/SPD the 2.1.5 shows routes between 4.5.6.7 (VPN client address) and 0.0.0.0/0. Under 2.2 I see routes between 4.5.6.7 and 192.168.1.0/24 (LAN subnet.)

    Does anyone have mobile VPN working such that they can connect and get access to other resources on the LAN?



  • I have been struggling mightily with mobile IPSEC on the 2.2 betas.  I assume you are talking about and IPSEC VPN because if I can get connected I see the same issue.  Now that we have an RC I hope more people try mobile IPSEC (I am particularly interested in iOS 8.x) and post their setups/configuration.  I'd be happy to document and share a good config once I have one.  :)



  • So this is still not working for me. Exact same settings as 2.1.5; the connection sets up just fine but the only thing I can reach on the LAN over VPN is the pfSense itself.

    Does anyone have an IKE v1 IPSec VPN working with PSK? (Certificates are out of the question for 40-50 devices, so don't suggest it!)

    Edit: I can reach things over site to site VPN tunnels (e.g. there's a VPN tunnel between office A and office B. If I connect mobile VPN to office A, I can reach anything in office B, but nothing in office A.)

    I can reach the internet through the VPN, but only by setting local network to 0.0.0.0/0 in the mobile P2.


  • Rebel Alliance Developer Netgate

    Setting the local network to 0.0.0.0/0 to reach the Internet is the right move. Technically that should have also been required in racoon as well, though at times with mobile it was all too happy to take whatever P2 network the client said it wanted, which is a tad insecure.


Log in to reply