1. wasalph's Avatar
    Hi all, I would like to share to all that I was able to successfully connect via VPN to a pfSense server using my Z10. Since I dont have other BB10 devices, I can not say if it will also work, I hope it does.

    Anyway, my pfSense is version 2.2.2 which is the latest as of this writing. While my Z10 is under 10.3.1.1865 (leaked).

    My setup is base on the following site:
    https://doc.pfsense.org/index.php/Mobile_IPsec_on_2.0
    https://forum.pfsense.org/index.php?topic=69771.0

    and since the documentation above is for pfSense 2.0~2.1.x, there are some changes needed to have it working under 2.2.2. I am not a technical guy and I dont know the technicalities behind VPN, I just know I have to make it work for me to connect to office server.

    Anyway, for those interested, just follow the steps provided by the first site above. Below are my settings for your references:

    UNDER MOBILE CLIENT
    IKE Extensions: enabled
    Group Authentication: System
    Virtual Address Pool: checked
    network: 10.0.0.1/24 (since my office network is 192.168.x.x
    rest of the settings disabled/uncheck

    UNDER TUNNEL PHASE 1
    KEY EXCHANGE VER: V1
    INTERNET PROTOCOL: IPv4
    INTERFACE: WAN
    AUTHENTICATION METHOD: Mutual PSK + Xauth
    NEGO METHOD: Aggressive
    MY IDENTIFIER: My IP Address
    PEER IDENTIFIER: User distinguish name [email protected]
    PRESHARED KEY: aaabbbccc
    ENCRYPTION ALGO: AES 128 bits
    HASH ALGO: SHA1
    DH KEY GRP: 2 (1024 bit)
    LIFETIME: 86400
    DISABLE REKEY: uncheck
    RESPONDER ONLY: uncheck
    NAT TRAVERSAL: Force
    Dead Peer Detect: checked (enabled DPD) 10 seconds 5 retries

    UNDER PHASE 2
    MODE: Tunnel IPv4
    LOCAL NETWORK TYPE: LAN SUBNET
    In case need NAT: None
    PROTOCOL: ESP
    ENCRYPTION ALGO: check AES, then choose 128bits, all the rest uncheck
    HASH ALGO: SHA1, all the rest uncheck
    PFS key: off
    Lifetime: 28800
    Automatic Ping Host: blank

    UNDER Z10
    PROFILE NAME: ** put your own name here **
    SERVER ADDRESS: ** i use dynamic dns name of my server here, it works **
    GATEWAY TYPE: Cisco Secure PIX Firewall
    AUTHEN TYPE: XAUTH-PSK
    GROUP USERNAME: [email protected]
    GROUP PASS: aaabbbccc
    HARDWARE TOKEN: disable
    USERNAME: ** username created in pfsense set under user manager **
    PASSWORD: ** password of the username above set under user manager **
    AUTO DETERMINE IP: enable
    AUTO DETERMINE DNS: enable
    AUTO DETERMINE ALGO: enable
    IKE Lifetime: 86400
    IPSEC Lifetime: 10800
    NAT Keep Alive: 30
    DPD Freq: 240
    DISABLE BANNER: disable
    USE PROXY: disable

    Again, im not a tech guy, so I cant answer question if it doesnt work for you.... and if it works... enjoy
    04-18-15 11:05 AM
  2. Iancu Constantin Razvan's Avatar
    what you have set on outbound routes, advanced ipsec and rules ? since what you post over here doesn't work so far.
    06-09-15 02:38 PM

Similar Threads

  1. How do I decrpyt BB10 encrypted files?
    By CrackBerry Question in forum BlackBerry 10 Dev Devices
    Replies: 2
    Last Post: 05-09-15, 02:20 AM
  2. How have people recated to your Blackberry Classic?
    By Leo pard in forum BlackBerry Classic
    Replies: 30
    Last Post: 04-28-15, 09:34 AM
  3. WTB: BlackBerry Z10 charger bundle.
    By Freshh23 in forum The Marketplace - Buy, Sell & Trade
    Replies: 8
    Last Post: 04-22-15, 10:56 PM
  4. Can I get some help getting my BlackBerry Z10 working?
    By CrackBerry Question in forum BlackBerry Z10
    Replies: 2
    Last Post: 04-18-15, 10:19 PM
  5. Last person to post is a winner
    By Leo pard in forum Rehab & Off-Topic Lounge
    Replies: 6
    Last Post: 04-18-15, 03:24 PM
LINK TO POST COPIED TO CLIPBOARD