This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cisco IPSec iOS Saved User Password Breaks VPN

Hello,

After downloading the Cisco iOS device VPN configuration from the Remote Access section of the User Portal and installing the profile, I connect to VPN, I enter the user's password, and connect successfully.

If I edit the iOS VPN configuration and add the user's password instead of leaving it as "Ask Every Time," I receive an "No VPN shared secret was provided" error.

Thereafter, if I delete the user's password, returning the configuration to "Ask Every Time," I am no longer prompted for the user's password and receive the "No VPN shared secret was provided" error. 

Same result on iOS 16.3 and 15.7.1 and with all UTM users.

UTM 9.713-19

Please help!



This thread was automatically locked due to age.
  • Searching around for your error, it's been pointed out as an Apple bug, and it affects more than one VPN type.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  •   Can you please confirm that this is a known issue and Sophos has reported it to Apple?

    Where can I find a list of known issues for Sophos UTM?

  • Hey  ,

    The issue may be with the apple more rather than the UTM, here is the KIL list - https://doc.sophos.com/support/kil/index.html
    Choose your Product [in the drop down menu] - UTM 

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 

    Log a Support Case | Sophos Service Guide
    Best Practices – Support Case


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • try this method, it worked for me and its good walkaround not requiring manually typing password every time:

    Just in case remove your profile and import again as before, after importing profile don't type password to be save, don't do anything with it, just leave that profile as it is and create new profile manually by clicking "add configuration" :
    Type: IPsec
    Desc: VPN IPsec WORKING (any name you prefer)
    account: your vpn account name
    pass: pass for your vpn account
    user cert - tick this and select cert (should be 1 available)
    click save, when you go back to profile it will show as cert not ticked, but don't worry it is using it (maybe another apple bug). try to connect to VPN with new created profile.

    Its important to remember to not delete previously imported profile as it contain cert needed for manually created new profile.

    There should be a way of importing that cert on its own without need to install whole profile that is not used for connecting to vpn and then creating manually profile using that cert, that will be nicer and cleaner way with one only profile and I may look in to this some other day ;)