Just installed iOS4 on my 3GS. I use configuration profiles (created with iPhone Configuration Utility 2.2) to setup my VPN and WIFI settings for two locations I go back and forth between (aka Home & Work). The WIFI profiles seem to be working fine, signing on to the WIFI network at each location just as they're supposed to; however, the VPN profiles don't seem to be working. I recreated the profiles and reinstalled them on the phone but the VPN toggle never shows up and no configurations are listed under "General > Network > VPN". I have reset the network settings and forcefully rebooted the phone to no avail. iOS4 bug?
Wow. I guess I'm late to this party. Tried hooking up to our SonicWALL via my iPhone 4 today and nothing. iPad is fine. Found this thread. Tried the AES128. It works.
My Mac got disconnected though. VPN Tracker needed the checkbox for DES unticked for it to work. Got a lot of people on that though, well okay maybe 8. So back to 3DES for phase 2. Anyways, I hope Apple fixes this. Would like to not have to do a lot of work just because they altered the VPN settings of iOS 4.
I noticed my mobileconfig profile would not work, as well. I read up online and did not find a good answer, so I tried this. 1st I removed the profile from the iphone, then I reset the iphone 4 by holding down the top power button and the home button until it powers off (hold it down even as the power switch pops up) - Once it booted back up, I added the profile and it worked. It showed up in VPN and tested successfully. Hope this helps. The reason I tried this was I read about over issues that a reset fixed, such as auto brightness not working and sync issues. FYI - I sync'd all my photos and movies and the photos and movies did not show up on the phone till I took a pictures with the phone. Go figure... Great iphone anyways - I Don't care! lol
I have a customer with iPad (OS v3.x) and iPhone4 (OS v.4.x). SonicWall TZ210 was set to Ipsec (Phase 2) Proposal / Encryption: 3DES, since the days of the original iPhone.
Recently the customer upgraded from iPhone3 to iPhone4 and discovered that they cannot establish a VPN session from iPhone4. iPad was still working but not reliably.
This is what I discovered.
iPad can connect to SonicWall TZ210 with 3DES and AES-128. iPhone supports AES-128 only.
I set Ipsec (Phase 2) Proposal / Encryption: AES-128 and now both iPad and iPhone4 can connect reliably.
I have an iPhone 3GS with ios 3.0x and current which is ios 4.0.1
The ios 4.x does not work but the one with ios 3.x does work.
My router is the Draytek 2820n
I'm using the ipsek pre shared key, have aes 3des des all enabled on the router.
On the phones the config is the same.
I will be logging this with Apple as I have identical hardware and configs except for the ios on each one.
This topic has definitely helped put my mind at rest as I thought i may have been doing something wrong.
I've verified this issue with Cisco ASA 8.2 (1) with Hybrid XAUTH. Manually configuring the VPN profile from the iPhone itself works, but you have to disable XAUTH on the concentrator as there's no way to set this option from the phone's native interface.
I found this same issue today. I am a user and have no ability to adjust our very large corporate VPN infrastructure.
However, I found a way to get it to work. Sorry, but I have no idea if this is using AES or 3DES. Can I find out on the iPhone side once connected?
Anyway, I went to unlockit.co.nz and created and installed a profile for US - AT&T, which seemed to point to the same wap at cingular servers that it normally should. I don't know. What I do know is that after installing the certificates sent by this site, I can now VPN over 3G.
Has anyone been able to find a work around for this issue with an iPhone OS 4 connecting to a Cisco ASA 5500 Series VPN? I have confirmed that changing the proposals to AES-128 does not work on the Cisco ASA.
Initial testing with iOS 4.1 shows that updating solves the problem. The configuration profile from iPCU now works.
I will test with some more phones tonight and give a final confirmation.
Our VPN server was a Cisco ASA. To recap: it appeared from debugging on the VPN server side that the phone was not trying Aggressive Mode when used with pre-shared key configuration loaded from an iPCU profile. iOS 4.0, 4.0.1 and 4.0.2 all had the issue. 4.1 fixes it.