VPN for WINDOWS
1- Download the ikev2 certificate from the UCP - Home > Files. click
2- Install the certificate, click on install certificate button, and select Local Machine.
3- A prompt will appear asking for your permission to proceed with certificate installation. Click Yes. (this option requires you to have administrative privileges).
4- File import.
5- Password key, there is no password, leave blank and give Next.
6- Select Place all certificates in the following store and click Browse... Then select the Trusted Root Certification Authorities store. Proceed by clicking Next.
7- Click Finish on the next window to finish the installation of the IKEv2 certificate.
8- Certificate import was successful.
Now set up the connection
1- Click on the Windows Start menu, type in 'Control panel', and open Control panel application.
2- Click on the Network and Internet category.
3- Then select Network and Sharing Center tab.
4- Click on the Set up a new connection or network option.
5- Select the Connect to a workplace option and press Next.
6- Choose Use my Internet connection (VPN) method.
7- Enter the required information.
Internet address: Enter the domain name which you selected in the "Select your location" step.
Destination name: you can name this connection however you want.
Use a smart card: leave unchecked.
Remember my credentials: you can leave it unchecked if you wish to enter your credentials every time you connect.
Allow other people to use this connection: if you leave it unchecked, only the user setting up this connection will connect. (If you wish that all of the users would connect, you require Administrator rights.)
After filling in all the fields, click Create.
8- Press Create and right-click the adapter that you have created. Select Properties and open the Security tab.
Set the following options:
Type of VPN: IKEv2
Data encryption: Require encryption (disconnect if server declines)
Authentication: Use Extensible Authentication Protocol (EAP) and EAP-MSCHAPv2.
Then, click OK to save these changes.
9 -Open your Network settings (you can do so in the bottom right corner of the screen by pressing the Network icon) and select Network & Internet settings.
10- In the newly opened window, select VPN, click on the newly created connection and select Advanced options.
11- In the Advanced option settings, click Edit and fill in your service credentials (Username and Password) which you saved in the "Get your credentials" step. After that, click Save to confirm the changes.
12- Now, open your Network settings again, press on the newly created connection and click Connect.
You are now connected correctly!
VPN for ANDROID
Follow the next steps:
Now we configure the ikev2 client.
/certificate import file-name=vpnptp_ikev2.ca.crt
- Now we configure the address-list: We assume that our LAN is 192.168.0.0/24
/ip firewall address-list
add list=ACL_to_vpnptp address=192.168.0.0/24
/ip ipsec mode-config
add src-address-list=ACL_to_vpnptp name=cfg_vpnptp responder=no
/ip ipsec policy group
/ip ipsec profile
add dh-group=ecp256,ecp384,ecp521 enc-algorithm=aes-256,aes-192,aes-128 hash-algorithm=sha256 name=pf_pha1_vpnptp
/ip ipsec proposal
add auth-algorithms=sha256,sha1 name=pp_pha2_vpnptp
- Configure peer and identity.
/ip ipsec peer
"Choose your server here"
add address=eu1.vpnptp.com exchange-mode=ike2 name="peer-vpnptp" profile=pf_pha1_vpnptp
/ip ipsec identity
add auth-method=eap certificate="" eap-methods=eap-mschapv2 generate-policy=port-strict mode-config=cfg_vpnptp password=your_password peer="peer-vpnptp" \
/ip ipsec policy
add comment="Policy vpnptp" group=group_vpnptp proposal=pp_pha2_vpnptp template=yes