VPN for WINDOWS
1- Download the ikev2 certificate from the UCP - Home > Files. click
2- Install the certificate, click on install certificate button, and select Local Machine.
3- A prompt will appear asking for your permission to proceed with certificate installation. Click Yes. (this option requires you to have administrative privileges).
4- File import.
5- Password key, there is no password, leave blank and give Next.
6- Select Place all certificates in the following store and click Browse... Then select the Trusted Root Certification Authorities store. Proceed by clicking Next.
7- Click Finish on the next window to finish the installation of the IKEv2 certificate.
8- Certificate import was successful.
Now set up the connection
1- Click on the Windows Start menu, type in 'Control panel', and open Control panel application.
2- Click on the Network and Internet category.
3- Then select Network and Sharing Center tab.
4- Click on the Set up a new connection or network option.
5- Select the Connect to a workplace option and press Next.
6- Choose Use my Internet connection (VPN) method.
7- Enter the required information.
Internet address: Enter the domain name which you selected in the "Select your location" step.
Destination name: you can name this connection however you want.
Use a smart card: leave unchecked.
Remember my credentials: you can leave it unchecked if you wish to enter your credentials every time you connect.
Allow other people to use this connection: if you leave it unchecked, only the user setting up this connection will connect. (If you wish that all of the users would connect, you require Administrator rights.)
After filling in all the fields, click Create.
8- Press Create and right-click the adapter that you have created. Select Properties and open the Security tab.
Set the following options:
Type of VPN: IKEv2
Data encryption: Require encryption (disconnect if server declines)
Authentication: Use Extensible Authentication Protocol (EAP) and EAP-MSCHAPv2.
Then, click OK to save these changes.
9 -Open your Network settings (you can do so in the bottom right corner of the screen by pressing the Network icon) and select Network & Internet settings.
10- In the newly opened window, select VPN, click on the newly created connection and select Advanced options.
11- In the Advanced option settings, click Edit and fill in your service credentials (Username and Password) which you saved in the "Get your credentials" step. After that, click Save to confirm the changes.
12- Now, open your Network settings again, press on the newly created connection and click Connect.
You are now connected correctly!
VPN for ANDROID
Follow the next steps:
- Go to Play Store
- Donwload "strongSwan VPN Client"
- Download the ikev2 certificate from the UCP - Home > Files. click
- Open the strongSwan VPN Client application. You will see a screen like this. Tap on three vertical dots on the top right corner.
- A menu will pop up. Tap on CA certificates.
- A certificate list will appear. Tap on three vertical dots again.
- Tap Import certificate on the menu that appears.
- Search for the certificate file called "vpnptp_ikev2.ca.crt". A pop-up will appear which asks your permission to import the certificate. Tap
Import certificate . - Once you are back on the main screen, tap on Add VPN profile button on the top-right corner.
- You will see a screen where you will need to insert the required information.
- You will automatically return to the main screen. A new entry will appear, which is your connection profile. Tap on the profile to connect.
- You have successfully set up IKEv2 manual connection to VPNPTP servers.
- On your iOS device, navigate to Settings -> VPN and click on the Add VPN Configuration button.
- Enter the following configuration:
- Tap Done to finalize the setup.
- Your newly created VPN configuration is now available. Tap on the switch button to connect or disconnect.
- Download the ikev2 certificate from the UCP - Home > Files. click
- Then we import the certificate:
In the Server field enter the hostname of one of our servers from the "Select your server" step you will use.
In the username and password fields enter the service credentials from the vpnptp account.
In the CA Certificate field you can select the previously installed certificate or leave the "Select automatically" box selected.
In the profile name field, you can input the name of your choice. This field is optional and you can leave it empty.
VPN for IOS
This guide will help you set up an IPSec connection using IKEv2.
Type - IKEv2
Description - Any description to identify VPN server (Example: us1-VPNPTP)
Server - Choose any from the server list "here"
Remote ID - Same as the Server field
Local ID - Empty
User Authentication type - Username
Username - Your username VPNPTP account
Password - your password
Proxy settings - Off
VPN for MIKROTIK
/certificate import file-name=vpnptp_ikev2.ca.crt
passphrase:
certificates-imported: 1
private-keys-imported: 0
files-imported: 1
decryption-failures: 0
keys-with-no-certificate: 0- Now we configure the address-list: We assume that our LAN is 192.168.0.0/24
/ip firewall address-list
add list=ACL_to_vpnptp address=192.168.0.0/24- Configure mode-config
/ip ipsec mode-config
add src-address-list=ACL_to_vpnptp name=cfg_vpnptp responder=no- Configure phase 1.
/ip ipsec policy group
add name=group_vpnptp
/ip ipsec profile
add dh-group=ecp256,ecp384,ecp521 enc-algorithm=aes-256,aes-192,aes-128 hash-algorithm=sha256 name=pf_pha1_vpnptp- Configure phase 2.
/ip ipsec proposal
add auth-algorithms=sha256,sha1 name=pp_pha2_vpnptp- Configure peer and identity.
/ip ipsec peer
"Choose your server here"
add address=eu1.vpnptp.com exchange-mode=ike2 name="peer-vpnptp" profile=pf_pha1_vpnptp
/ip ipsec identity
add auth-method=eap certificate="" eap-methods=eap-mschapv2 generate-policy=port-strict mode-config=cfg_vpnptp password=your_password peer="peer-vpnptp" \
policy-template-group=group_vpnptp username=your_username- Configure policy.
/ip ipsec policy
add comment="Policy vpnptp" group=group_vpnptp proposal=pp_pha2_vpnptp template=yes