Home » Kerio User Forums » Kerio Control » problem: IPsec vpn with ssl cert on iphone (problem: IPsec vpn with ssl cert on iphone)

Messages: 1

Karma: 0
Send a private message to this user
Hello guys,

I run kerio control 8.0.0

and want to try to create an ipsec tunnel.

here is what I did,

on kerio server:
create valid certificate and make it primary for kerio,
turn on the vpn server in interface menu and checked "enable ipsec vpn server" then choose the certificate name from drop down menu
also checked enable MS-CHAP v2 authentication
and at the end create a role on the traffic policy which permit every ports about ipsec vpn from any sources to firewall.

on the iPhone:
install the certificate as a profile which export from the kerio ssl certificates
create new IPSec vpn connection, with these information,
address "kerio ip add", username and password " which create on the kerio with permission of vpn connections
assign the certificate which installed before

but at the end when I trying to connect it, it says "Negotiation with the vpn server failed"

actually L2TP connection with pre-shared key get connect well but IPsec with ssl cert no!!!

anyone knows whats go wrong with it?


[Updated on: Mon, 10 June 2013 11:24]

Network Administrator
Cisco, Microsoft, VMWare and LPI certified
mlee (Kerio)

Messages: 211
Karma: 16
Send a private message to this user
AFAIK as yet IPsec VPN with certificate does not work with iOS devices. I have created a feature request for this.


PTSD. BP. OCD. ASPD. BPD. Certified.

Messages: 90
Karma: -27
Send a private message to this user
Now Kerio Control IPsec+cert VPN work on iOS devices?
or which version will have this worked?
Previous Topic: ANNOUNCEMENT: Downloads now available in Support section of website
Next Topic: Site to Site vpn via Cisco
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Dec 18 21:58:19 CET 2018

Total time taken to generate the page: 5.20737 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.