Dear all
I got a new Iphone (IOS 15.6.1) and try to establsh there a new IPSEC VPN connection
My IPfire is on #171
II went through this wiki.ipfire.org - Roadwarrior with Apple macOS & iOS
to set it up
my hostname is ipfire.localdomain which I put in with @ipfire.localdomain at “local ID”
On remote ID I put @iphone
This I also named in system host name and in SubjetAlterName as "DNS:iphone
The local SubNet adn DNS as appropiate and the advanced settings as in the WIKI
Because I use a dyndns service I sent the root and p12 Cerificate to the Iphone
installed them and set up a new connetion with
Server: dyndns.my-domain.de
remote Id: ipfire.localdomain
Local Id: iphone
and choosed the appropiate certificate
As the result I got on the IPHONE : VPN Connection, An unexpected error occured
In the IPSEC log I got
11:08:56 charon: 05[CFG] no matching peer config found 11:08:56 charon: 05[CFG] ignore candidate 'iphone' without matching IKE proposal 11:08:56 charon: 05[CFG] candidate "iphone", match: 20/20/28 (me/other/ike) 11:08:56 charon: 05[CFG] looking for peer configs matching 87.177.154.45[ipfire.unkel]...80.187.7 4.249[iphone]
I uploaded the CA, the .p12 file and set up the profie with an name ,as a server I used the dyndns, the remote ID “iphs2”, the local ID as “dyndns…de” and choosed the certificate.
I got as result “VPN connection, an unexpected error occured”
The log showed me
Then sending the CA-Certificate and the .p12 certificate to the phone
On Settings → General -->VPN install both certificates one after next.
On VPN add a new Connection with
Description : eg my VPN
Server: Endpoint dyndns server FQDN
remote ID: ipfire.unkel (internal FQDN of the IPIRE)
local ID: myphone@mail.unkel (as in the certificate settings)
Authentification:
User-Auth: none !
Certificate: ON !
Certificate: choose imported user cert