Welcome to the IPFire Wiki

This wiki is a community-maintained resource about everything there is to know about IPFire.

Please join in and help us improving it!

Example Configuration - Roadwarrior with Windows Phone 8.1

  • A Lumia 620 with WP 8.1 was used to create this configuration
  • First execute the first step that is described in the Windows example
  • Additionally, you need to execute the second step described in the Windows example
    • Do not modify the /etc/ipsec.conf instead, modify the /etc/ipsec.user.conf by adding the following lines:

conn "Windows Phone"
leftauth=pubkey
leftcert=/var/ipfire/certs/hostcert.pem
leftsubnet=0.0.0.0/0
right=%any
rightauth=eap-tls
rightsendcert=never
rightsourceip=%dhcp
eap_identity="Your EAP identity, from the client certificate" #Example: "C=DE, O=MyOrganization CA, CN=WindowsPhone Client"
keyexchange=ikev2
auto=add

  • Restart the ipsec daemon, type /etc/init.d/ipsec restart

Install certificates

  • Download and import the certificates to the device
    • Usually, you can import the certificate by sending a mail that contains it.
    • More information can be found under: https://msdn.microsoft.com/en-us/library/dn643705.aspx

Create connection

1) Go to Settings \ Select VPN \ Click Add
2) Type in your domain name \ Set the type to IKEv2 \ For the connection, select that you use a certificate \ Select your imported certificate \ No need to enter domain authorization data \ As an optional step, you can choose that your host's certificate should be verified \ Choose a name for your profile \ Click Save
--- ---
3) By sliding the slider to On you can now view your profiles and manually activate them, if necessary \ To deactivate the VPN, slide the slider back to Off
--- ---
Edit Page ‐ Yes, you can edit!

Older Revisions • January 18, 2016 at 8:42 pm