This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Vpn ipad

I followed the steps http://www.astaro.com/getting-started/iphone-ipad-vpn.pdf and still could not connect to my IPAD2. I'm using ASG120, v8.202

Show logs e screenshots.

This thread was automatically locked due to age.

0 danieldemoraisgurgel over 13 years ago

In my iphone 4, the same error appears...

2011:11:30-11:12:06 ASG120_Auxilio pluto[11626]: packet from 200.194.99.10:500: received Vendor ID payload [RFC 3947]
2011:11:30-11:12:06 ASG120_Auxilio pluto[11626]: packet from 200.194.99.10:500: ignoring Vendor ID payload [4df37928e9fc4fd1b3262170d515c662]
2011:11:30-11:12:06 ASG120_Auxilio pluto[11626]: packet from 200.194.99.10:500: ignoring Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
2011:11:30-11:12:06 ASG120_Auxilio pluto[11626]: packet from 200.194.99.10:500: ignoring Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
2011:11:30-11:12:06 ASG120_Auxilio pluto[11626]: packet from 200.194.99.10:500: ignoring Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
2011:11:30-11:12:06 ASG120_Auxilio pluto[11626]: packet from 200.194.99.10:500: ignoring Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
2011:11:30-11:12:06 ASG120_Auxilio pluto[11626]: packet from 200.194.99.10:500: ignoring Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
2011:11:30-11:12:06 ASG120_Auxilio pluto[11626]: packet from 200.194.99.10:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
2011:11:30-11:12:06 ASG120_Auxilio pluto[11626]: packet from 200.194.99.10:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
2011:11:30-11:12:06 ASG120_Auxilio pluto[11626]: packet from 200.194.99.10:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2011:11:30-11:12:06 ASG120_Auxilio pluto[11626]: packet from 200.194.99.10:500: received Vendor ID payload [XAUTH]
2011:11:30-11:12:06 ASG120_Auxilio pluto[11626]: packet from 200.194.99.10:500: ignoring Vendor ID payload [Cisco-Unity]
2011:11:30-11:12:06 ASG120_Auxilio pluto[11626]: packet from 200.194.99.10:500: received Vendor ID payload [Dead Peer Detection]
2011:11:30-11:12:06 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: responding to Main Mode from unknown peer 200.194.99.10
2011:11:30-11:12:07 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: NAT-Traversal: Result using RFC 3947: no NAT detected
2011:11:30-11:12:08 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: ignoring informational payload, type IPSEC_INITIAL_CONTACT
2011:11:30-11:12:08 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: Peer ID is ID_DER_ASN1_DN: 'C=br, L=Fortaleza, O=Grupo Auxilio, CN=redes'
2011:11:30-11:12:08 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: crl not found
2011:11:30-11:12:08 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: certificate status unknown
2011:11:30-11:12:08 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: we have a cert and are sending it
2011:11:30-11:12:08 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: unable to locate my private key for signature
2011:11:30-11:12:08 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: sending encrypted notification AUTHENTICATION_FAILED to 200.194.99.10:500
2011:11:30-11:12:11 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: ignoring informational payload, type IPSEC_INITIAL_CONTACT
2011:11:30-11:12:11 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: Peer ID is ID_DER_ASN1_DN: 'C=br, L=Fortaleza, O=Grupo Auxilio, CN=redes'
2011:11:30-11:12:11 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: crl not found
2011:11:30-11:12:11 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: certificate status unknown
2011:11:30-11:12:11 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: we have a cert and are sending it
2011:11:30-11:12:11 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: unable to locate my private key for signature
2011:11:30-11:12:11 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: sending encrypted notification AUTHENTICATION_FAILED to 200.194.99.10:500
2011:11:30-11:12:14 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: ignoring informational payload, type IPSEC_INITIAL_CONTACT
2011:11:30-11:12:14 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: Peer ID is ID_DER_ASN1_DN: 'C=br, L=Fortaleza, O=Grupo Auxilio, CN=redes'
2011:11:30-11:12:14 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: crl not found
2011:11:30-11:12:14 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: certificate status unknown
2011:11:30-11:12:14 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: we have a cert and are sending it
2011:11:30-11:12:14 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: unable to locate my private key for signature
2011:11:30-11:12:14 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: sending encrypted notification AUTHENTICATION_FAILED to 200.194.99.10:500
2011:11:30-11:12:17 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: ignoring informational payload, type IPSEC_INITIAL_CONTACT
2011:11:30-11:12:17 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: Peer ID is ID_DER_ASN1_DN: 'C=br, L=Fortaleza, O=Grupo Auxilio, CN=redes'
2011:11:30-11:12:17 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: crl not found
2011:11:30-11:12:17 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: certificate status unknown
2011:11:30-11:12:17 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: we have a cert and are sending it
2011:11:30-11:12:17 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: unable to locate my private key for signature
2011:11:30-11:12:17 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: sending encrypted notification AUTHENTICATION_FAILED to 200.194.99.10:500
2011:11:30-11:12:18 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: ignoring informational payload, type IPSEC_INITIAL_CONTACT
2011:11:30-11:12:18 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: Peer ID is ID_DER_ASN1_DN: 'C=br, L=Fortaleza, O=Grupo Auxilio, CN=redes'
2011:11:30-11:12:18 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: crl not found
2011:11:30-11:12:18 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: certificate status unknown
2011:11:30-11:12:18 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: we have a cert and are sending it
2011:11:30-11:12:18 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: unable to locate my private key for signature
2011:11:30-11:12:18 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: sending encrypted notification AUTHENTICATION_FAILED to 200.194.99.10:500
2011:11:30-11:12:26 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3960: max number of retransmissions (2) reached STATE_MAIN_R2
2011:11:30-11:12:30 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: ignoring informational payload, type IPSEC_INITIAL_CONTACT
2011:11:30-11:12:30 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: Peer ID is ID_DER_ASN1_DN: 'C=br, L=Fortaleza, O=Grupo Auxilio, CN=redes'
2011:11:30-11:12:30 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: crl not found
2011:11:30-11:12:30 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: certificate status unknown
2011:11:30-11:12:30 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: we have a cert and are sending it
2011:11:30-11:12:30 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: unable to locate my private key for signature
2011:11:30-11:12:30 ASG120_Auxilio pluto[11626]: "D_for redes to Internal (Network)"[3] 200.194.99.10 #3961: sending encrypted notification AUTHENTICATION_FAILED to 200.194.99.10:500
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 13 years ago

Hi, Daniel,

This is a known issue with iOS 5. Apple dropped support for MD5 and now only supports certificates with SHA1 or SHA2. Search here for the solution - it requires some effort to compensate for Apple's thoughtlessness.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 Scott_Klassen over 13 years ago

https://support.astaro.com/support/index.php/IPsec_Connections_over_Cisco_Client_do_not_work_at_Apples_iOS_5
Cancel
Vote Up 0 Vote Down

Cancel
0 FrankFiene over 13 years ago

What is funny:

My VPN is running fine on my iPad and iOS 5!

I had installed the VPN with iOS 4 and it is still running after all upgrades.
With MD5 hash based certificates!

If I install it on a new iOS device it will not started because of the known issue!

It would be interesting, what is different so we can do a workaround with iOS Configuration Utility!

Any idea?
Cancel
Vote Up 0 Vote Down

Cancel