I made some progress and I am having a different issue now. The problem it seems that p12 file i had was not enough for iOS (not sure why). I had to install CA's cert to make iOS connect to VPN (after CA's cert installation client cert becomes trusted by iOS not sure if that's the reason why it worked).
After client is connected I don't have DNS setup on client side (used net analyzer app to see that on iOS). So I fooled around dns setting in strongswan.conf and it wouldn't work (not pushed to client). I had to add rightdns=<ip> in ipsec.conf to make it work (does this setting accept multiple DNS?). So half of the issue is completed. I still can't connect when the phone is on 3G (but WIFI is fine; so NAT on either end, from Amazon, and from local router). I suspect there is a routing issue. Thanks Thanks in advance _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
