Tobias,<div><br></div><div>This is with an iPhone 4S on iOS 5.0.1 - just in case this is an issue w/ my VPN config, I'm including my setup below:</div><div><br></div><div><div>config setup</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>charonstart=no</div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>plutostart=yes</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>plutodebug=all</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>plutostderrlog=/var/log/pluto.log</div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>nat_traversal=yes</div><div><br></div><div>conn iphone</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>modeconfig=pull</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>type=tunnel</div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>installpolicy=yes</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>auto=add</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>keyexchange=ikev1</div>
<div> ike=aes128-md5-modp1024</div><div> esp=aes128-md5</div><div> forceencaps=yes</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>dpdaction=clear</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>authby=xauthrsasig</div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>xauth=server</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>pfs=no</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>leftcert=<server cert></div>
<div> leftid="C=US, ST=IN, L=Indianapolis, O=blah, CN=<server hostname>"</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>left=<server hostname></div><div><span class="Apple-tab-span" style="white-space:pre"> </span>leftsourceip=10.0.1.1</div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>leftsubnet=<a href="http://0.0.0.0/0">0.0.0.0/0</a></div><div><span class="Apple-tab-span" style="white-space:pre"> </span>right=%any</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>rightid="C=US, ST=IN, L=Indianapolis, O=blah, CN=<client cn>"</div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>rightsourceip=<a href="http://10.0.1.2/8">10.0.1.2/8</a></div><div><span class="Apple-tab-span" style="white-space:pre"> </span>rightcert=<client cert></div>
<div><br></div><div>( with the qualification that there's a lot in this config that I got to work through hacky trial and error, and that I most definitely do not understand every option in this config )</div><div><br>
</div><div>With this config, w/ and w/o UNITY_SAVE_PASSWD, I get prompted for XAuth credentials on each VPN connect. The VPN connection is added through a .mobileconfig file, using VPN on demand on the iOS side.</div><div>
<br></div><div>Chris Zelenak</div><br><div class="gmail_quote">On Mon, Nov 28, 2011 at 1:08 PM, Tobias Brunner <span dir="ltr"><<a href="mailto:tobias@strongswan.org">tobias@strongswan.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Hi Chris,<br>
<br>
which iOS version do you use on your device? Because I just tried how<br>
the VPN client behaves on an iPhone 3GS with iOS 5.0.1. And well, I can<br>
save the password even without sending UNITY_SAVE_PASSWD (I did not try<br>
what happens if I do, actually).<br>
<br>
> <a href="https://discussions.apple.com/thread/2390965?start=0&tstart=0" target="_blank">https://discussions.apple.com/thread/2390965?start=0&tstart=0</a><br>
<br>
Since this thread was started quite a while ago and refers to iOS 3.x up<br>
to 4.0 I guess Apple changed their client's behavior in the mean time.<br>
<br>
Regards,<br>
Tobias<br>
</blockquote></div><br></div>