Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 14 replies
  • Answers 2 answers
  • Subscribers 5 subscribers
  • Views 9259 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPSec VPN does not work for IOS devices after upgrade to 9.411-3

Jesper Hanno Hansen

After upgrading to 9.411-3 IOS devices cannot connect via IPSec, if the configuration on the ISO device is deleted and configured again via remote access it works, but we dont like to bother our users reinstalling the VPN configuration... is there a way out here?

 

Regards

Jesper Hanno



This thread was automatically locked due to age.
  • 0 in reply to Jesper Hanno Hansen

    Is this  a problem with all iOS devices? Which version? 

    I had several iOS VPN Problems, and they are an apple Problem, because they changed something.

    How old are these iOS VPN installations, how old is your UTM installation. May be your VPN CA Certificate has an old MD5.

     

    May

  • 0 in reply to maygyver

    It seems like it all IOS devices, we have not found any that did work, and the Apple IOS device version is 10.2.1 (the latest)

    The VPN installation/configuration is from October 15-20th 2016

     

    Regards

    Jesper Hanno

  • 0 in reply to maygyver

    Not after every Up2Date, May, just in cases where a problem appears mysteriously after an Up2Date.  I recommend a three-step process before re-imaging from ISO:

    1. The restore trick above.
    2. Reboot.
    3. Delete and re-create the failing object(s).

    It seems that fewer that 1 in a thousand configurations get broken during an Up2Date that includes upgrading objects instead of just installing new rpms.

    Cheers - Bob

  • 0 in reply to Jesper Hanno Hansen

    Sorry, in my last comment, I was thinking this was a site-to-site, but it's Remote Access.

    Try deleting the IPsec Remote Access Rule and creating a new one identical to the old.  If that didn't work, I'm afraid you're stuck with the solution you already found.  The restore trick probably would fix this problem.

    Cheers - Bob