IPSEC on iPhone using pfSense

amrogers3

Gawd
Joined
Nov 7, 2010
Messages
640
Anyone got IPSEC to work on an iPhone using pfSense? I **think** I followed this guide: (1260) iPhone IPSEC VPN Setup - YouTube

I have OpenVPN installed and working great. Not able to get IPSEC to work. I am running pfSense version 2.4.5-RELEASE-p1 (amd64)

I appears to be connecting successfully but I can't seem to access resources on the network.

Screen Shot 2022-05-22 at 11.52.21 AM.png


I downloaded "Network Ping Lite" and can't seem to ping.

Screen Shot 2022-05-22 at 12.07.57 PM.png


I show this on the iPhone.

Screen Shot 2022-05-22 at 12.07.38 PM.png


Firewall rules:
Screen Shot 2022-05-22 at 12.29.40 PM.png
 
Last edited:

ComputerBox34

[H]F Junkie
Joined
Nov 12, 2003
Messages
13,591
Why not use WireGuard or stick with OpenVPN?

This guide is very old. You may have to add a route to your routing table telling PFSense how to get traffic from your 192.168.1.0/24 network over to 10.254.69.1/32
 

amrogers3

Gawd
Joined
Nov 7, 2010
Messages
640
hey DB34, thx for the reply.

It's for my wife's iphone so I was trying to go with something that is built into apple and easier to use. All she has to do it press one button to connect the IPSEC vpn.

You are correct, that video is pretty old. I couldn't seem to find a recent how-to on IPSEC and pfsense. I came across this which I might try although is doesn't differ much from the other guide I referenced.
https://www.hagensieker.com/wordpre...on-pfsense-to-replace-openvpn-connect-on-ios/

This guide is very old. You may have to add a route to your routing table telling PFSense how to get traffic from your 192.168.1.0/24 network over to 10.254.69.1/32

This should be handled by:
1653577646565.png
 

SamirD

Supreme [H]ardness
Joined
Mar 22, 2015
Messages
5,990
When I was looking at pfsense years ago, it's lack if IPsec VPN capabilities made us go with other standalone boxes. And it seems that even today their implementations are still lacking.

You could try to use use L2TP with IPsec if that's possible on pfsense.
 
Top