iPhone Cisco VPN / Couldn't validate Server certificate

Hi,
I configured the Cisco VPN option on my Sophos UTM Firewall.
When I connect with my Windows Cisco VPN Client from remote, everything works great.

But when I try it with my iPhone 5 Firmware 6.1.3 I get the message:
VPN Connection: Could not validate the server certificate.

Here are the settings:
Global:
Interface: External WAN
Server certificate: Local X509 Cert
Pool Network: VPN Pool (Cisco)
Local Networks: Any
User and Groups: Users

IOS Settings:
Connection name: VPN (IPsec)
Override hostname: vpn.test.dyndns.org


This thread was automatically locked due to age.
  • It was a fresh installation of Sophos UTM 9.

    Up2Date to 9.006 and re-install the Profile on your iPhone.  Any luck?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Firmware version: 9.006-5
    I am using dyndns Services.
    The FW is behind a router. On the router I put the FW IP as a DMZ IP.

    I created a new certificate like the one on the screenshot with hostname = dyndns name.

    Cisco VPN is working now!!!

    But after this change the SSL VPN is not working on port 443 anymore.
    Before this change it worked. Has anyone an idea why?

    I changed the SSL VPN port now to 1194 and this works.

    But I can't use port 443 anymore. Not on the Portal or for the SSL VPN. It seems this port is dead :-P

    At the moment I am using the following ports:
    User Portal 4443 TCP
    SSL VPN (OpenVPN) 1194 UDP
    Cisco VPN 4500 UDP

    I would like to use port 443 for SSL VPN again. Can anyone help me? Why is this port not working anymore? Is there anything to debug this issue?
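
The post above reports that the iPhone connected once the server certificate carried the DynDNS name. As an added example (not from the thread), this shell check uses `openssl x509 -checkhost` to test whether a certificate covers the hostname the client dials; `utm.internal.example` and both throwaway certificates are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the thread. Requires the openssl CLI (1.1.1+).

# cert_matches_host CERT_PEM HOSTNAME
# Succeeds only if the certificate's subjectAltName (or the CN when no
# SAN is present) covers HOSTNAME. -checkhost reports its verdict as
# text, so the output is parsed instead of trusting the exit code.
cert_matches_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" 2>/dev/null |
        grep -q "does match certificate"
}

# make_test_cert OUT_PEM CN [SAN_DNS]
# Builds a throwaway self-signed certificate (constructed sample data).
make_test_cert() {
    if [ -n "$3" ]; then
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
            -keyout "$1.key" -out "$1" -subj "/CN=$2" \
            -addext "subjectAltName=DNS:$3" 2>/dev/null
    else
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
            -keyout "$1.key" -out "$1" -subj "/CN=$2" 2>/dev/null
    fi
}

demo() {
    dir=$(mktemp -d)
    # Assumed "before" state: certificate issued for an internal name.
    make_test_cert "$dir/internal.pem" "utm.internal.example"
    # "After" state from the post: hostname = DynDNS name.
    make_test_cert "$dir/dyndns.pem" "vpn.test.dyndns.org" "vpn.test.dyndns.org"
    for c in internal dyndns; do
        if cert_matches_host "$dir/$c.pem" "vpn.test.dyndns.org"; then
            echo "$c.pem: covers vpn.test.dyndns.org"
        else
            echo "$c.pem: MISMATCH for vpn.test.dyndns.org"
        fi
    done
    rm -rf "$dir"
}

demo
```

Run the same `cert_matches_host` check against the certificate exported from the firewall, using the value entered under "Override hostname", before reinstalling the profile on the phone.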