ads

Style6

Style3[OneLeft]

Style3[OneRight]

Style4

Style5[ImagesOnly]

Style2

Task:  

Send end-user instructions on how to configure Android IKEv2 VPN clients.  

Solution:

Installation is a two-step process:

Step 1:  Install all three certificates.  The Administrator has sent a separate website link where you can download necessary certificates:  (a) user_device.PFX; (b) vpn_server.CER, and root.CER.  Open each attachment to start the installation.  Include the PFX password.

Step 2:  Configure the Android VPN client:  Android Settings → Connections → More Connection Settings → VPN → Add VPN.


VPN Settings (Figure 1):
N.B., Change the value for “IPSec user certificate” to “user_android”.
Figure 1.  Android IKEv2 VPN Settings.  
Hint:  VPN shortcut apps are available in the Google Play Store.  This provides a quick and easy method to connect.
For example:  https://play.google.com/store/apps/details?id=com.rosaneng.vpnsettings&hl=en


Also note, your device certificate contains a private key for your client certificate.  Anyone that gets a hold of this key can impersonate your account.  Please protect your device with a passcode and encryption.  This script is not intended for rooted devices.  I encourage you to delete this email from your mailbox after you’ve configured your devices. 

That's It!

About Steven Jordan

Steven Jordan is an infrastructure and process management specialist. Steven holds a Master of Science degree in ICT from the University of Wisconsin Stout. Steven is also a Cisco Certified Network Professional (CCNP) and Master Gardener.
«
Next
Newer Post
»
Previous
Older Post

3 comments:

  1. What android version do you have? I've never seen type IPSec IKEv2 RSA in any adnroid OS...

    ReplyDelete
    Replies
    1. I tested this out with a Samsung Galaxy 7 Edge. However I also connected with the strongSwan VPN client. It's free and works great with the Windows IKEv2 VPN.

      https://play.google.com/store/apps/details?id=org.strongswan.android

      Swan client settings:
      Server: FQDN
      VPN Type: IKEv2 Certificate
      User Certificate: Choose user certificate.
      User Identity: Default
      CA Authority: Choose your root CA.

      Alternately, use the Android SSTP client. It's $7.99 but well worth it:
      https://play.google.com/store/apps/details?id=it.colucciweb.sstpvpnclient

      Delete
  2. Took me time to read all the comments, but I really enjoyed the article. It proved to be Very helpful to me and I am sure to all the commenters here! It’s always nice when you can not only be informed, but also entertained! Productized service software

    ReplyDelete