I've got what I feel is a properly configured IKEv2 EAP-MSCHAPv2 road warrior setup.
I can connect to it over WAN from any android device as well as a Linux laptop.
I can connect to it over LAN from an iOS device. However, if I try to connect to it via WAN, I get "The VPN server did not respond"
I'm not sure what the issues could be, because android and Linux connect just fine over WAN.
It feels like there is some firewall rule or setting not exposed that needs to be set.
True to form, the issue was DNS.
The CNAME I was using for everything was pointing towards an A and AAAA record.
It seems I'm not the first that's had this issue either.
https://github.com/opnsense/core/issues/4819
I suspect as ipv6 gets rolled out more, this will become more prevalent.
Sent from my iPhone using Tapatalk