iPhone VPN with PFsense

Question

Level 1

0 points

iPhone VPN with PFsense

Hi guys, does anybody know the PFsense firewall?
I'm trying to set up an IPsec VPN between my iPhone and the PFsense box, but I can't figure out how to make it work.

These are the settings on the PFsense box:

My identifier (use FQDN): my email address
Encryption: Blowfish
Hash: MD5
DH key group: 1024 bit
Lifetime: 1200 seconds
Authentication method: pre-shared key

Now... I really don't know what to enter in the iPhone settings.

Anybody can help me out?

Thank you.

... a PC :(, Windows XP Pro

Posted on Nov 3, 2008 1:29 PM

Reply

Answer 1

Mircsicz

Level 1

8 points

Nov 26, 2008 11:19 AM in response to Aleph72

Hi hi,

seems we're the only one's willing to connect an iPhone to pfsense.

I've found you're other posting at http://forum.pfsense.org/index.php/topic,12124.0.html two, but even at the pfsense board there isn't an answer!!!

Hopefully one of the vpn experienced readers at the board is willing to give as a hand so we can try to find a solution.

Greetz
Mircsicz

Reply

Answer 2

sl1ce

Level 1

0 points

Jan 27, 2009 7:27 PM in response to Mircsicz

Hi, I'm in the same boat - I have a new Touch and trying to do the same thing - have you had any luck?

Reply

Answer 3

smanders

Level 1

10 points

Feb 17, 2009 10:21 PM in response to Aleph72

Hello,

Well I tinkered with this tonight and I got something going. It does not appear that the PFsense IPsec setup supports the iPhone Cisco based IPsec client. There were some additional parameters needed that PFsense did not have a place to enter.

So I tried the PPTP and got that working just fine.

PFsense
1) VPN -> PPTP -> Configuration (tab)
2) Select Enable PPTP Server
3) Server Address - "Enter the WAN IP"
4) Remote Address Range - "Pick a range of 16 addresses that are available on your network that is also evenly divisible by 16" i.e. 192.168.1.112 or 192.168.1.128
5) I would recommend selecting the checkbox that requires 128-bit encryption
6) VPN -> PPTP -> Users (tab)
7) Click "+" to add user
8) Fill in username and password. You can leave IP blank to just take the first address in the pool of 16.
9) Firewall -> Rules -> PPTP VPN (tab)
10) Added a rule to allow all traffic to talk to everything (if you need more specifics, let me know)

iPhone/iPod Touch
1) Settings -> General -> Network -> VPN
2) Add VPN Configuration
3) Select PPTP
4) Fill in generic Description
5) Enter the IP address of your WAN interface
6) The username that was created above
7) RSA SecurID : OFF
8) Enter password created above
9) Encryption Level: Auto
10) Send All Traffic: ON
11) Save
12) Turn ON VPN

Let me know if this works for you. I was able to disable wireless, then VPN back into my home network over the 3G network and access services that are behind the PFsense firewall. I was able to web into the PFsense configuration page.

smanders

Reply

Answer 4

Feb 27, 2009 8:52 PM in response to smanders

GREAT tutorial, Why can't everyone write tutorials simply like this!
Thanks mate!

Reply

Answer 5

smanders

Level 1

10 points

Feb 27, 2009 11:57 PM in response to sammcj2000

Me too 😉. I'm glad it helped.

smanders

Reply