Can IPsecVPN keep alive on iOS?

Hi,

I have enabled “keepalive” via the CLI for the IPsec VPN for iOS, but it is still disconnected after the screen turns off.

May I know how to make keepalive work?

Thanks

This is an Apple problem, not a Fortinet problem.

I asked once about this problem, and it looks like Apple devices turn off connections when locked to minimize power usage. The only way is to jailbreak the iPhone, but I don’t know anything else.

Why not use the iOS VPN On Demand?

TL;DR: IKEv1 VPNs drop when the device is locked, IKEv2 VPNs seem to remain up.

Just to add some notes on my previous comment: in my experience, it looks like using the IPsec wizard, which uses IKEv1, makes it so that the iPhone is unable to keep the VPN alive when locked.

I was able recently to switch to IKEv2 with EAP-TLS authentication using an external RADIUS server and today my VPN is not going down when I lock the device. I don’t know if anybody can test this, but for me it is working.

This article states the same things I’m experiencing: How to Enable Always-on VPN on an iPhone or iPad (howtogeek.com)

Or WireGuard… As there is no real “dial-in”, you can achieve a real always-on VPN.

Years ago I was helping the guys who were building a job scheduling app for iPad. When the tunnel was up, the iPads were not able to keep a charge all day. We implemented an aggressive timer and tunnel autostart based on DNS, and the situation improved massively, but there was still a clear difference from iPads not using the VPN.

The situation has improved since then, but still, if you can, avoid the VPN and use some other method, like a direct TLS connection.

P.S. If you watch the space, there are some new mobile security tools, like Microsoft Defender for mobile, which do use the loopback as a VPN destination! In this way security software can scan the traffic locally on the mobile device.

Definitely an Apple problem. I can keep alive an ipsecvpn on

Yes, WireGuard can keep the connection. But it seems to drain more battery; is any setting on the WireGuard server better?

Whenever an iOS application tries to communicate with a system in our internal domain, the VPN connects automatically.

I am using WireGuard constantly and cannot see a higher battery drain.

I have not found this setting in iOS. Do I need to install an app or JB?

What’s the keepalive value of your WG server?

Value of my server is 25

Why do you need keep alive? For me, it is not active.

Let’s try to remove it, thanks