Example Configuration - Roadwarrior with Windows Phone 8.1
- A Lumia 620 with WP 8.1 was used to create this configuration
- First execute the first step that is described in the Windows example
- Additionally, you need to execute the second step described in the Windows example
- Do not modify the /etc/ipsec.conf instead, modify the /etc/ipsec.user.conf by adding the following lines:
conn "Windows Phone"
eap_identity="Your EAP identity, from the client certificate" #Example: "C=DE, O=MyOrganization CA, CN=WindowsPhone Client"
- Restart the ipsec daemon, type /etc/init.d/ipsec restart
- Download and import the certificates to the device
- Usually, you can import the certificate by sending a mail that contains it.
- More information can be found under: https://msdn.microsoft.com/en-us/library/dn643705.aspx
- Go to Settings:
- Type in your domain name:
- Set the type to IKEv2
- For the connection, select that you use a certificate
- Select your imported certificate
- No need to enter domain authorization data
- As an optional step, you can choose that your host's certificate should be verified
- Choose a name for your profile
- Click Save
- By sliding the slider to On you can now view your profiles and manually activate them, if necessary:
- To deactivate the VPN, slide the slider back to Off