[Openswan Users] iphone VPN capabilities

Jacco de Leeuw jacco2 at dds.nl
Wed Jul 4 13:48:19 EDT 2007

Paul Wouters wrote:

> http://docs.info.apple.com/article.html?artnum=305723
> iPhone supports the following configurations of PPTP and L2TP/IPSec protocols
> for VPN (Virtual private networks):
>     * PPTP + MSCHAPv2
>     * L2TP/IPSec with SharedSecret + MSCHAPv2
> So you better not make this your corporate phone of choice.

PPTP with passwords is a fairly common configuration. According to those
in the know, it is Microsoft's implementation that is lacking. I don't
know what the iPhone's implementation is based on, but let's hope it is
something better than Microsoft's.

> iPhone does not support:
>     * Pure IPSec
>     * IPSec Machine Certificates

I agree: IPsec with a single PSK is not a good idea for corporate VPN use.
As I suspected in my previous post, Apple decided to avoid the hassle of
installing client certificates on the iPhone. But this is only the first
release. Mac OS X 10.3 initially also only supported PSKs, 10.4 added
support for certificates. So who knows what lies ahead.

Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl

More information about the Users mailing list