wiki.ipfire.org

The community-maintained documentation platform of IPFire

User Tools

Site Tools


en:configuration:services:ipsec:example_configuration-_roadwarrior_with_windows_phone

Example Configuration - Roadwarrior with Windows Phone 8.1

  • A Lumia 620 with WP 8.1 was used to create this configuration
  • First execute the first step that is described in the Windows example
  • Additionally, you need to execute the second step described in the Windows example
    • Do not modify the /etc/ipsec.conf instead, modify the /etc/ipsec.user.conf by adding the following lines:
conn "Windows Phone"
    leftauth=pubkey
    leftcert=/var/ipfire/certs/hostcert.pem
    leftsubnet=0.0.0.0/0
    right=%any
    rightauth=eap-tls
    rightsendcert=never
    rightsourceip=%dhcp
    eap_identity="Your EAP identity, from the client certificate" #Example: "C=DE, O=MyOrganization CA, CN=WindowsPhone Client"
    keyexchange=ikev2
    auto=add
  • Restart the ipsec daemon, type /etc/init.d/ipsec restart

Install certificates

Create connection

1) Go to Settings
Select VPN
Click Add
2) Type in your domain name
Set the type to IKEv2
For the connection, select that you use a certificate
Select your imported certificate
No need to enter domain authorization data
As an optional step, you can choose that your host's certificate should be verified
Choose a name for your profile
Click Save
3) By sliding the slider to On you can now view your profiles and manually activate them, if necessary
To deactivate the VPN, slide the slider back to Off
Translations of this page?:
en/configuration/services/ipsec/example_configuration-_roadwarrior_with_windows_phone.txt · Last modified: 2016/01/18 20:42 by wolf