Page 1 of 1

IPSEC android trouble connecting

Posted: January 10th, 2017, 8:01 am
by DrUnknownEMC
So i have set up the IPSEC Roadwarrior using the guide on wiki, but have trouble connecting to it. I have used same cert and user name and password but i get this error when i connect.

Code: Select all

[enc] parsed IKE_AUTH response 2 [ n(AUTH_FAILED) ]
[IKE] recived autherntication_failed notify error 

Also i presume i don't have to do any port forwarding right?

I presume the error is saying my user secret is not correct but when go check the secret i have setup on my ipfire it seem to be same. From the log i could see it could connect to the sever and is able to received CA from it. I not sure where i have messed up, it would nice to tell me where I need to go have another look or point me to right direction.

Thanks

Re: IPSEC android trouble connecting

Posted: January 10th, 2017, 5:40 pm
by csmall
I'm taking a guess here but it is possible the Android device doesn't have the whole chain for the certificate(s).

I have seen this happen with the use of public certificates and services on Android devices.

Re: IPSEC android trouble connecting

Posted: January 11th, 2017, 12:58 am
by DrUnknownEMC
csmall wrote:I'm taking a guess here but it is possible the Android device doesn't have the whole chain for the certificate(s).

I have seen this happen with the use of public certificates and services on Android devices.
I currently only have certificates for the profile, and the host certificates. Do also need root certificates?

Re: IPSEC android trouble connecting

Posted: January 11th, 2017, 1:33 am
by csmall
DrUnknownEMC wrote:
csmall wrote:I'm taking a guess here but it is possible the Android device doesn't have the whole chain for the certificate(s).

I have seen this happen with the use of public certificates and services on Android devices.
I currently only have certificates for the profile, and the host certificates. Do also need root certificates?
Probably, yes. I would give that a try. The device likely needs the whole chain.

I could be totally wrong but I've experienced this in the past. Can't hurt to try.

Re: IPSEC android trouble connecting

Posted: January 11th, 2017, 9:46 pm
by csmall
Any luck?

Re: IPSEC android trouble connecting

Posted: January 12th, 2017, 12:24 pm
by DrUnknownEMC
csmall wrote:
DrUnknownEMC wrote:
csmall wrote:I'm taking a guess here but it is possible the Android device doesn't have the whole chain for the certificate(s).

I have seen this happen with the use of public certificates and services on Android devices.
I currently only have certificates for the profile, and the host certificates. Do also need root certificates?
Probably, yes. I would give that a try. The device likely needs the whole chain.

I could be totally wrong but I've experienced this in the past. Can't hurt to try.
Hope, i have tired installing host and root and reinstall the client and same problem. I have tired to use different secret but same problem. I have using strongsawn vpn app and it said user authentication failed, i will go try with no password.

Sorry about late reply.

Image
Image
Image

Re: IPSEC android trouble connecting

Posted: January 14th, 2017, 9:11 am
by DrUnknownEMC
csmall wrote:
DrUnknownEMC wrote:
csmall wrote:I'm taking a guess here but it is possible the Android device doesn't have the whole chain for the certificate(s).

I have seen this happen with the use of public certificates and services on Android devices.
I currently only have certificates for the profile, and the host certificates. Do also need root certificates?
Probably, yes. I would give that a try. The device likely needs the whole chain.

I could be totally wrong but I've experienced this in the past. Can't hurt to try.
The window IP SEC seem to able to connect and through the web ui you can see it show as connected and everything works, what is example of ip range?

Re: IPSEC android trouble connecting

Posted: January 15th, 2017, 12:41 pm
by csmall
Just curious, can you use open VPN?

I can personally say that it works great on android.

Re: IPSEC android trouble connecting

Posted: January 18th, 2017, 12:24 pm
by DrUnknownEMC
csmall wrote:Just curious, can you use open VPN?

I can personally say that it works great on android.
I have openvpn working but i would like to use it when im overseas, such as China which actively block OpenVPN.

Re: IPSEC android trouble connecting

Posted: January 27th, 2017, 11:01 am
by DrUnknownEMC
csmall wrote:Just curious, can you use open VPN?

I can personally say that it works great on android.
Is there an option which allow just basic certificate check, i have tried doing same steps as window but I am not able to get it working. I using StrongSawn Android app.

Re: IPSEC android trouble connecting

Posted: January 29th, 2017, 8:53 am
by DrUnknownEMC
rusment wrote:I had a similar error. My solution: select one type integrity.
And select: "IKE+ESP: Use only proposed settings"

Image
Are just using basic certification verification or certification +EAP.