Android IPsec doesn't work on 2.2.6?



  • Same problem here with android IPSEC builtin client and IKEv1 main.
    Downgrade to 2.2.5 did fix it instantly, however upgrade to 2.2.6 breaks the IPSEC.
    It's interesting, that 1/10 connections are established successfully and 5/10 after a manual SA removal in pfSense GUI. No idea why that…. Perhaps a bug in strongswan?



  • What you're describing is definitely different from the thread where you posted it so I split it out here. I haven't seen or heard of any regressions in strongswan 5.3.5, but that seems like the likely cause if it's definitely not an issue in 2.2.5.

    I don't have any Android devices so not sure on it specifically. I know others are using Android no problem on 2.2.6 though. What's your config like? What IPsec logs do you get when it doesn't work? What exactly are you removing re: manual SA removal?



  • I have confirm that after upgrade from 2.2.5 to 2.2.6 IPSec connection on  Android stop working - it says "Timeout". But with the 2.2.5 IPSec work's perfect!

    Android IPSec settings is:

    IPSec Xauth PSK
    IP address
    preshared key
    username
    password

    PFSense settings attached!





  • Rebel Alliance Developer Netgate

    Configure your IPsec logs as shown here: https://doc.pfsense.org/index.php/IPsec_Troubleshooting#Common_Errors_.28strongSwan.2C_pfSense_.3E.3D_2.2.x.29

    And then post (in a code block or attached .txt file) the logs generated by a connection attempt.

    It may be a good time to upgrade yourself to an IKEv2 VPN rather than the old-style IPsec, too.


Log in to reply