On 2023-04-07, m...@phosphorus.com.br <m...@phosphorus.com.br> wrote:
> ikev2 "vpn" passive esp \
>          from dynamic to 185.21.22.23/32 \

that should definitely be "from ... to dynamic", though that's not the
problem you're running into yet.

(that /32 you have will only set up a tunnel to the machine itself,
if you want all traffic to go via vpn then use 0.0.0.0/0).

> If anyone has a working setup for iphone via 4G (dynamic) connecting to 
> a VPS (fixed IP) is much appreciated.

maybe try with user/password auth and get that working first before
moving on to client certificates? something like this:

---
user <username> "<password>"

ikev2 "ikevpn" passive esp from 0.0.0.0/0 to dynamic \
  local <server-ip-address> peer any \
  srcid "<server-name>" \
  eap "mschap-v2" \
  config address 172.28.15.128/25 \
  config name-server 172.28.15.2 \
  tag "$name-$id"
---
