Koozali.org: home of the SME Server
		Obsolete Releases => SME Server 7.x => Topic started by: steve288 on March 19, 2013, 03:20:25 PM
		
			
			- 
				I cannot get VPN to work on and IPHONE 3G.
 I do not normally use an iphone. However I have to go away and want to pick up email etc. To pick up our email I need to get VPN working. I have been given an Iphone 3G. Others here have a VPN set up on their Iphone 4G’s that connects up via VPN and then they can pick up their mail. (we have no outside way of picking up email)
 
 Internally I can pick up the mail quite fine with the Iphone. But once outside the network and trying to use the VPN it does not work.
 
 Simply put the VPN does not work for me with the Iphone. The same account does work with a computer using VPN.
 
 I have set up my VPN exactly the same as someone else’s phone (a 4G) that does work.
 For me I turn on the VPN connect and then I get the message
 ..Connecting
 ..Starting
 ..Authenticating
 ..Disconnecting
 
 Then the pop up box,
 
 VPN connection
 Authentication failed
 OK
 
 I have tried this on at least 2 SME servers One version 7.6 and the other 8.0
 Both do not work for me. This phone only has wireless enabled it does not have a chip. Im just using the wifi. I know that the vpn works for computers and for other Iphones.
 Can anyone provide any answers to this?
 
 I cannot see anything in the radius logs that tell me anything, although I would be happy to provide them if they would help.
 By the way the server is set up in server-gateway mode but I have tried on that is just in server mode with the VPN port forwarded.
 
 Here are my VPN settings for my IPHONE.
 
 VPN
 ***
 Settings
 General
 Network
 VPN
 (your account)
 PPTP
 Description: myname
 Server: outsideipaddress
 Account: validaccount
 RSA SecurID: Off
 Password: ****
 Encryption Level Auto
 Send All Traffic; Off (although others seem to have this ON I have tried both)
 Proxy: OFF
 
 Thanks.
- 
				steve288
 
 Authentication failed 
 Those VPN settings match my old iPhone 3G, except for Server: I use a domain name, and that phone works OK with VPN to sme 7.6 & 8.0 servers.
 I have Send all traffic On, but that just sends traffic via the VPN connection & the remote gateway, instead of via your local gateway, it is probably appropriate that you turn it On.
 I do not think that will change or fix your problem though, as it seems to be an Authentication issue.
 
 Look in the messages log file on the sme server you are trying to connect to around the time you make the connection.
 You also need to look at your local WiFi network & router & gateway to see that they ALL support the required protocols for VPN.
 Check any log files on your local equipment.
 Also see this article for tips & issues re gre protocol 47 & required ports etc.
 http://wiki.contribs.org/VPN_practical_tips#Background_information
 
 In the logs look for gre issues
 
 Do those other 4G iPhones that work OK elsewhere with VPN, also work on the same network & WiFi connection that you are using ?
 You need to test another similar device on your actual network. If an iPhone that works elsewhere does not work on your WiFi connection, then you likely have a local problem.
 
- 
				I will research some of the issues you have raised.
 Also I'm going to see if for what ever reason, if my friends turn off the cell network if it will still work.
 I cannot see that doing over wifi would be any different rather than a cell network, but trying to look at all options.
 Thanks.
 
- 
				steve288
 
 I cannot see that doing over wifi would be any different rather than a cell network, but trying to look at all options. 
 Connecting via WiFi or cellular network will be no different as far as your iPhone is concerned, but with WiFi a very different data path is taken, as your data needs to traverse your local WiFi modem/router/wap device & your local gateway/router/modem etc, and if ANY of those devices do not support the necessary protocols that VPN needs (both directions), then you will not be able to connect, authenticate & establish a VPN connection.
 
 You need to read your device specs (WiFi device, router etc) and see if they are specified to support the necessary protocols, and are also configured to do so as well.
 
- 
				Well it could be the wifi routers that I connect to going out to the internet. 
 I dont have control over them, eg if Im at a coffee shop, for example.
 
 HOWEVER, at home I can VPN out to the same server that is refusing to take the Iphone using a comptuer  via my home router/wifi to the SME server in Gateway-server mode. Wouldnt this prove that the VPN is working and that the router supports it ?
 
 Here is the error that IM getting at the SME server 7.6. from the messages, when I use the Iphone vpn.
 
 Mar 20 09:43:59 mail pptpd[32089]: CTRL: Client 123.123.123.123 control connection started
 Mar 20 09:43:59 mail pptpd[32089]: CTRL: Starting call (launching pppd, opening GRE)
 Mar 20 09:43:59 mail pppd[32090]: Plugin radius.so loaded.
 Mar 20 09:43:59 mail pppd[32090]: RADIUS plugin initialized.
 Mar 20 09:43:59 mail pppd[32090]: pppd 2.4.4 started by root, uid 0
 Mar 20 09:43:59 mail kernel: divert: not allocating divert_blk for non-ethernet device ppp0
 Mar 20 09:43:59 mail pppd[32090]: Using interface ppp0
 Mar 20 09:43:59 mail pppd[32090]: Connect: ppp0 <--> /dev/pts/1
 Mar 20 09:43:59 mail udevd[1212]: udev done!
 Mar 20 09:44:13 mail pppd[32090]: Peer joeblow failed CHAP authentication
 Mar 20 09:44:13 mail pptpd[32089]: CTRL: EOF or bad error reading ctrl packet length.
 Mar 20 09:44:13 mail pptpd[32089]: CTRL: couldn't read packet header (exit)
 Mar 20 09:44:13 mail pptpd[32089]: CTRL: CTRL read failed
 Mar 20 09:44:13 mail pptpd[32089]: CTRL: Reaping child PPP[32090]
 Mar 20 09:44:13 mail pppd[32090]: Modem hangup
 Mar 20 09:44:13 mail pppd[32090]: Connection terminated.
 Mar 20 09:44:13 mail kernel: divert: no divert_blk to free, ppp0 not ethernet
 Mar 20 09:44:13 mail pppd[32090]: Exit.
 Mar 20 09:44:13 mail pptpd[32089]: CTRL: Client 123.123.123.123 control connection finished
 Mar 20 09:44:13 mail udevd[1212]: udev done!
 
 Regards.