Android IPsec doesn't work on 2.2.6?

derVerzweifler

Same problem here with android IPSEC builtin client and IKEv1 main.
Downgrade to 2.2.5 did fix it instantly, however upgrade to 2.2.6 breaks the IPSEC.
It's interesting, that 1/10 connections are established successfully and 5/10 after a manual SA removal in pfSense GUI. No idea why that…. Perhaps a bug in strongswan?

cmb

What you're describing is definitely different from the thread where you posted it so I split it out here. I haven't seen or heard of any regressions in strongswan 5.3.5, but that seems like the likely cause if it's definitely not an issue in 2.2.5.

I don't have any Android devices so not sure on it specifically. I know others are using Android no problem on 2.2.6 though. What's your config like? What IPsec logs do you get when it doesn't work? What exactly are you removing re: manual SA removal?

Antonius

I have confirm that after upgrade from 2.2.5 to 2.2.6 IPSec connection on  Android stop working - it says "Timeout". But with the 2.2.5 IPSec work's perfect!

Android IPSec settings is:

IPSec Xauth PSK
IP address
preshared key
username
password

PFSense settings attached!

jimp

Configure your IPsec logs as shown here: https://doc.pfsense.org/index.php/IPsec_Troubleshooting#Common_Errors_.28strongSwan.2C_pfSense_.3E.3D_2.2.x.29

And then post (in a code block or attached .txt file) the logs generated by a connection attempt.

It may be a good time to upgrade yourself to an IKEv2 VPN rather than the old-style IPsec, too.