Thursday, December 30, 2010

iPhone PPTP bug that all aspiring to use VPN should know about

Dear English-speaking guests,

I have tried for a couple of days to allow my iPhone 3G, using the 4.2.1 firmware, to connect using PPTP VPN to a server behind an OpenBSD 4.8 NAT router.

My initial trials using a Windows Server 2003 directly connected to the Internet worked fine, but as soon as I tried using an OpenBSD box in between with VPN passthrough I got problems. Windows clients could connect fine, but not my iPhone.

I was using the following PF rules, and tried every variation of them:

    # Forward GRE (IP protocol 47, the PPTP data channel) to the VPN server
    pass in quick on $ext_if proto gre rdr-to $vpn_server
    # Forward the PPTP control connection (TCP port 1723) to the VPN server
    pass in quick on $ext_if proto tcp from any to $ext_if port 1723 rdr-to $vpn_server

I also tried using Poptop and Frickin PPTP proxy, but the iPhone always failed after "starting", claiming that the remote server dropped the connection. The Windows Server claimed that no GRE packets went through and kept blaming my router. I also tried using Windows 7 as a server.

In my troubleshooting I returned to my first trial, using the working Windows Server 2003 directly connected, but that suddenly didn't work either.

The solution? Delete and recreate the VPN connection on the iPhone. Suddenly the connection worked. Trying again using the OpenBSD router in between worked after - once again - recreating the VPN connection. Every time I switch server or change something I need to recreate the connection.

That was one hard bug to find; apparently it affects the iPad too. Good thing I found this workaround until Apple fixes it.
