Currently Being ModeratedJan 31, 2012 9:10 PM (in response to Shiveringmonkey)
It would help if people would do their homework before posting "solutions" here that don't work. Endian Firewall, in both its hardware and software versions, does not provide VPN access for iOS devices. This is true for both the OpenVPN and IPsec VPNs built into Endian.
My understanding is that the only IPsec solution for iOS is Cisco. If you can't use or can't afford the Cisco solution, you are out of luck. Makes you wonder how much Cisco is paying Apple for the privilege.
Thanks again, Apple.
Currently Being ModeratedJan 31, 2012 9:45 PM (in response to RadicalDad)
RadicalDad, look at the post from 50tonrobot where he asked for suggestions for open ipsec vpn server. That's what was being answered.
It would help if people would read up a few posts before posting responses.
Currently Being ModeratedJan 31, 2012 10:07 PM (in response to RadicalDad)
This thread is about getting support for OpenVPN. There are other VPN solutions out there in the same way as there are other mobile OS like Android.
Fact is, my IT department will rather lock out iOS devices than switching away from OpenVPN. Time is running out as my company will soon order phones and tablets. Its a shame that Apple give OpenVPN developers no access to their APIs like they did for to other solutions.
Currently Being ModeratedMar 28, 2012 9:43 AM (in response to Shiveringmonkey)
Hi, i just got the message of the Endian UTM 2.5 Release and they say:
"Our new release 2.5 supports native IPSec L2TP VPN access for iPhone®, iPad® and Android mobile platforms, in addition to the currently supported OpenVPN and IPSec protocols. In just a few seconds, you can create a secure connection to your office network using your favorite iOS or Android device without having to install any third-party applications!"
Currently Being ModeratedMar 30, 2012 11:42 PM (in response to losfuxos)
Poorly worded by Endian, perhaps intentionally so. What this really says is Endian supports IPSec L2TP on iOS and Android devices. True enough. The next clause, "... in addition to the currently supported OpenVPN and IPSec protocols." could be taken to mean that OpenVPN is supported for iOS, but what it really means is OpenVPN has been supported (prior to 2.5) on other mobile platforms. Unfortunate wording by Endian marketing nerds who flunked English grammar. And also unfortunate that Endian can't promise what Apple won't allow
In short, there never has been an OpenVPN client that can load on iOS devices without jailbreak. If many people are fooled into thinking that Endian's new release can support this, an FTC enforcement action might be appropriate. Too band there aren't grounds for an enforcement action against Apple on this issue.
Some time ago I had an idea for an app that *could* workaround this limitation but I'm still wondering if it is possible and profitable. Have you ever used an app such *** iSSH? That kind of apps can create an SSH connection but also open a tunnel using that SSH connection.
In the same way I think it would be possible to create an OpenVPN connection to the server and do not touch anything at the OS level (no tun/tap device required, no ifconfig...), just manage the connection at application level.
Then you shuld configure the "tunnel" and specify the remote address and port to connect to, for example a remote web server, ssh server, an ftp, imap, smtp, a video streaming service... whatever. And you should also provide a local port (local to the ipad) which will act as the entrance of the tunnel. The app could provide a set of "bookmarks" to make this easy.
- remote address: intranet.mycompany (192.168.0.1) port: 80
- local: 8080
Then you will just need to point your browser to "http://localhost:8080" to get your intranet access.
The app could also provide an integrated web browser for users just interested in simple www access.
What do you all think? Is it possible? If it is possible... is some developer able to do this?
I think me and many others would be glad to pay some money for such an app!
Do you mean tools to remotely connect to the desktop of a PC/Mac which in turn supports OpeVPN? If this is the suggestion, unfortunately it does not solve my problem: I need to connect to resources inside a VPN directly from my iPad and cannot use another computer/device as a "bridge".
Currently Being ModeratedApr 4, 2012 3:13 PM (in response to mightycaptainkurt)
Well, I did it in two diferente ways. I've connected my iPad to a computer that supports openvpn, and then accessed the VPN. But I've also connected my iPad directly to a pc inside the network (and then I had no need to use VPN). In both I could use resources inside the VPN, as scientific journals subscriptions or databases. Hope this helps.
Currently Being ModeratedApr 12, 2012 8:16 AM (in response to schalliol)
I agree with everyone here. I do not understand why apple has left out support for openvpn. My company uses it exclusivly and when I travel it is the only connection back to our offices. As the network administrator I need in remotely from time to time. I can preform all of the functions on my ipad or iphone but I cant get into the network. So I still have to carry my MacBook Pro around simply to allow me to connect to the office. Kind of a pain when you are at a conference or a sales meeting to have to break out the laptop to fix a switch.
On the other hand if they havent done it yet I dont see them doing it going into the future. I wish the would release the API for it so that people could program for it. I don't have the knowlege to build an openvpn app but there are many people who do if they only knew how to interact with the IOS kernel.
Currently Being ModeratedApr 24, 2012 8:05 AM (in response to schalliol)
I hope Apple really considers adding OpenVPN. It's seems made for cellular and and mobile network connections. It's incredibly fast, open, and secure.
On my Android device, using an OpenVPN connection just works, and that is something I have always liked about Apple products, and why I was surprised to see that Apple left it out.
Hopefully, Apple is just trying to find an easy way for the configuration for the end-user. At least allow, or build in the kernel module so technical users could set people up if needed.
I hope Apple includes this in the next version of iOS.