Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 13 replies
  • Subscribers 1 subscriber
  • Views 3889 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

iphone 4.2 and vpn ipsec

equintana
Hi,


I have an iphone 4.2 device and tried to follow the document about installing ipsec vpn. Everything went fine until an error message was shown something like" not validated the cert"....

Is strange because as I could readed at this forum, the cert has the same name than my server....

Which could be the problem then?

Regards


This thread was automatically locked due to age.
Parents
  • 0
    Samuel, please try again with the following instructions.  You will want to make a backup before doing this test, as generating a new VPN Signing CA will "break" all other VPNs that depend on certificates.  If this works, you'll want to do step -3- with each certificate-based VPN.  If you have any SSL VPNs, you'll also need to change the 'Override hostname' on the 'Advanced' tab to the new FQDN.

    - 1 - Determine an FQDN that resolves to the public IP of the ASG in public DNS.
    - 2 - On the 'Advanced' tab of 'Certificate Management', generate a new signing CA (this will create one with SHA1 instead of MD5 which is no longer supported in iOS5).
    - 3 - Generate a new certificate using the FQDN (from step -1-) as the 'VPN ID' and enter a value in every field of the certificate - leave none empty.



    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Samuel, please try again with the following instructions.  You will want to make a backup before doing this test, as generating a new VPN Signing CA will "break" all other VPNs that depend on certificates.  If this works, you'll want to do step -3- with each certificate-based VPN.  If you have any SSL VPNs, you'll also need to change the 'Override hostname' on the 'Advanced' tab to the new FQDN.

    - 1 - Determine an FQDN that resolves to the public IP of the ASG in public DNS.
    - 2 - On the 'Advanced' tab of 'Certificate Management', generate a new signing CA (this will create one with SHA1 instead of MD5 which is no longer supported in iOS5).
    - 3 - Generate a new certificate using the FQDN (from step -1-) as the 'VPN ID' and enter a value in every field of the certificate - leave none empty.



    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML