iOS IPSec VPN client fails to reconnect after idle time
| Originator: | gagan.mazed | ||
| Number: | rdar://16109161 | Date Originated: | 19-Feb-2014 |
| Status: | Duplicate | Resolved: | |
| Product: | iOS | Product Version: | 7.1 |
| Classification: | Reproducible: | sometimes |
Summary: We are experiencing an issue with IPSec VPN. We use iOS 7.0.4 as a client and strongSwan 5.1.1 as a server. When the VPN connection is established for the first time, things are working fine. But after some time (more than hour) client gets disconnected and cannot establish connection anymore. The problem does not happen every time. We consider it's a serious bug because when this happens, device does not have internet connectivity (because vpn is down, and profile is such that VPN must be used for all connections). Our setup is based on http://wiki.strongswan.org/projects/strongswan/wiki/IOS_(Apple) Below are logs from the client: 00:49:21 configd[42] : IPSec Controller: IKE FAILED. phase 6, assert 0 00:49:21 configd[42] : IPSec disconnecting from server xxxx 00:49:21 kernel[0] : SIOCPROTODETACH_IN6: utun0 error=6 00:49:21 configd[42] : network changed: v4(en0:10.64.18.135, utun0-:198.18.64.2) DNS! Proxy! 00:49:21 configd[42] : network changed. 00:49:21 configd[42] : SCNC: stop, triggered by (85) apsd, type IPSec, reason User Requested 00:49:21 racoon[7636] : IPSec disconnecting from server xxxx 00:49:21 racoon[7636] : failed to send vpn_control message: Broken pipe 00:49:21 racoon[7636] : glob found no matches for path "/var/run/racoon/*.conf" 00:49:21 mDNSResponder[50] : getExtendedFlags: SIOCGIFEFLAGS failed, errno = 6 (Device not configured) 00:49:21 racoon[7636] : IPSec disconnecting from server xxxx 00:49:21 racoon[7636] : pfkey DELETE failed: No such file or directory When this problem happens, server does not receive any packet from iOS client. Steps to Reproduce: Steps: 1) Install VPN using the attached configuration profile. VPN icon should appear 2) Browse to apple.com to check if internet is working. 3) Lock the device and leave device idle for an hour + 4) Unlock the device. VPN icon should not be shown. 5) Browse apple.com Expected Results: VPN icon will appear and apple.com will be loaded Actual Results: VPN icon does not appear, network activity indicator keeps spinning. Device has no internet connectivity and user cannot do anything about it. Version: iOS 7.0.4 (11B554a) Notes: Other notes: ------------------------- - The server works fine with other platforms (for example, Android). Related links: ------------------------- - https://discussions.apple.com/thread/2670311 - Related Mavericks issue: https://community.hide.me/threads/cisco-ipsec-and-os-x-mavericks-our-experience-and-why-its-broken.631/ - We have first submitted a TSI (Ref: 603725110) and have been suggested to submit this bug report Configuration: iPhone 4S, MD239KS/A, iOS 7.0.4 (11B554a) iPad mini retina, ME276KS/A, iOS 7.0.4 (11B554a) UPDATE: 04-Mar-2014 Engineering has determined that your bug report is a duplicate of another issue and will be closed.
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!