iphone 6 vpn connection problem

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
lz2k2000@gmail.com
Posts: 2
Joined: Mon Oct 01, 2018 9:15 pm

iphone 6 vpn connection problem

Post by lz2k2000@gmail.com » Mon Oct 01, 2018 11:38 pm

Hi,
I installed the VPN server on a CentOS 7 box. The VPN client on PC works fine, but I cannot get my iPhone 6 connected to the VPN server with the iPhone built-in client.
Here's the error log from the server:
2018-10-01 19:22:31.108 IPsec Client 2 (172.58.200.19:34954 -> 192.168.1.115:500): A new IPsec client is created.
2018-10-01 19:22:31.108 IPsec IKE Session (IKE SA) 2 (Client: 2) (172.58.200.19:34954 -> 192.168.1.115:500): A new IKE SA (Main Mode) is created. Initiator Cookie: 0xD65076AD1501B475, Responder Cookie: 0xFDE7072F5351DAFD, DH Group: MODP 2048 (Group 14), Hash Algorithm: SHA-2-256, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
2018-10-01 19:22:41.306 IPsec IKE Session (IKE SA) 2 (Client: 2) (172.58.200.19:34954 -> 192.168.1.115:500): This IKE SA is deleted.
2018-10-01 19:22:41.306 IPsec Client 2 (172.58.200.19:34954 -> 192.168.1.115:500): This IPsec Client is deleted.

It looks like the connection was established, but for some reason it was deleted soon after....
I've already enabled Secure/NAT on my server and enabled all port forwarding on the router that the VPN server sits behind.... The server IP is 192.168.1.115.

Thanks for help...

cmd wh0ami
Posts: 125
Joined: Sun Jul 16, 2017 6:58 pm

Re: iphone 6 vpn connection problem

Post by cmd wh0ami » Tue Oct 02, 2018 12:55 pm

What about iptables in CentOS? Do you have a default accept policy?

Code:

# Set default chain policies
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P INPUT ACCEPT

Or if you don't have a default accept policy, did you open up UDP 500 and 4500?

Code:

# Set default chain policies
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P INPUT DROP

# Accept incoming IPsec
iptables -A INPUT -p udp --dport 500 -j ACCEPT
iptables -A INPUT -p udp --dport 4500 -j ACCEPT

If you're working with CentOS 7 I'm almost sure it has firewalld. I don't work with firewalld but it's the same concept. I'm sure you can find how to do it with firewalld too. I remove firewalld by:

Code:

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
[root@centos-rpi3 ~]# yum remove firewalld -y

Then I install iptables-services by:

Code:

[root@localhost ~]# yum install iptables-services
[root@localhost ~]# systemctl enable iptables

VPN Discord invite: https://discord.gg/QByKXA9

lz2k2000@gmail.com
Posts: 2
Joined: Mon Oct 01, 2018 9:15 pm

Re: iphone 6 vpn connection problem

Post by lz2k2000@gmail.com » Wed Oct 03, 2018 12:32 am

My server is running CentOS 7 and firewalld had already been disabled.....
I tried many times and still cannot figure it out.....

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: iphone 6 vpn connection problem

Post by thisjun » Wed Oct 17, 2018 8:30 am

Do you port forward 4500/UDP?
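
Added example, not part of any post in this thread: a small Python triage of the server log lines from the first post. It pairs each IKE SA's created/deleted lines, reports the lifetime, and notes whether the client was ever logged on UDP 4500, the port IKE moves to once NAT is detected and the one the replies ask about. The function name, the 30-second threshold, and the assumption that a client using NAT traversal is logged with `:4500` in the same endpoint format are mine.

```python
import re
from datetime import datetime

# The four log lines from the first post, copied as posted.
SAMPLE_LOG = """\
2018-10-01 19:22:31.108 IPsec Client 2 (172.58.200.19:34954 -> 192.168.1.115:500): A new IPsec client is created.
2018-10-01 19:22:31.108 IPsec IKE Session (IKE SA) 2 (Client: 2) (172.58.200.19:34954 -> 192.168.1.115:500): A new IKE SA (Main Mode) is created. Initiator Cookie: 0xD65076AD1501B475, Responder Cookie: 0xFDE7072F5351DAFD, DH Group: MODP 2048 (Group 14), Hash Algorithm: SHA-2-256, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
2018-10-01 19:22:41.306 IPsec IKE Session (IKE SA) 2 (Client: 2) (172.58.200.19:34954 -> 192.168.1.115:500): This IKE SA is deleted.
2018-10-01 19:22:41.306 IPsec Client 2 (172.58.200.19:34954 -> 192.168.1.115:500): This IPsec Client is deleted.
"""

# timestamp, subject, client IP, destination port, message
LINE = re.compile(r"^(\S+ \S+) (.*?) \(([\d.]+):\d+ -> [\d.]+:(\d+)\): (.*)$")
SA_ID = re.compile(r"\(IKE SA\) (\d+)")

def short_lived_ike_sas(log_text, max_lifetime=30.0):
    """Return IKE SAs deleted within max_lifetime seconds of creation."""
    created, seen_4500, findings = {}, set(), []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts, subject, src, dport, msg = m.groups()
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S.%f")
        if dport == "4500":          # assumption: NAT-T traffic is logged this way
            seen_4500.add(src)
        sa = SA_ID.search(subject)
        if not sa:
            continue                 # "IPsec Client" lines carry no SA id
        key = (src, sa.group(1))
        if msg.startswith("A new IKE SA"):
            created[key] = when
        elif msg.startswith("This IKE SA is deleted") and key in created:
            life = (when - created.pop(key)).total_seconds()
            if life <= max_lifetime:
                findings.append({"client": src, "sa": key[1], "lifetime_s": life})
    for f in findings:               # decide after the whole log has been read
        f["reached_4500"] = f["client"] in seen_4500
    return findings

if __name__ == "__main__":
    for f in short_lived_ike_sas(SAMPLE_LOG):
        print(f)
```

A short-lived Main Mode SA with `reached_4500` false is consistent with UDP 4500 not reaching the server, but it does not rule out other causes such as an authentication failure.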
