VPN for WINDOWS

1- Download the ikev2 certificate from the UCP - Home > Files. click



2- Install the certificate, click on install certificate button, and select Local Machine.



3- A prompt will appear asking for your permission to proceed with certificate installation. Click Yes. (this option requires you to have administrative privileges).



4- File import.

Responsive image

5- Password key, there is no password, leave blank and give Next.

Responsive image

6- Select Place all certificates in the following store and click Browse... Then select the Trusted Root Certification Authorities store. Proceed by clicking Next.

Responsive image

7- Click Finish on the next window to finish the installation of the IKEv2 certificate.

Responsive image

8- Certificate import was successful.

Responsive image


Now set up the connection

1- Click on the Windows Start menu, type in 'Control panel', and open Control panel application.

Responsive image

2- Click on the Network and Internet category.

Responsive image

3- Then select Network and Sharing Center tab.

Responsive image

4- Click on the Set up a new connection or network option.

Responsive image

5- Select the Connect to a workplace option and press Next.

Responsive image

6- Choose Use my Internet connection (VPN) method.

Responsive image

7- Enter the required information.

Responsive image

Internet address: Enter the domain name which you selected in the "Select your location" step.
Destination name: you can name this connection however you want.
Use a smart card: leave unchecked.
Remember my credentials: you can leave it unchecked if you wish to enter your credentials every time you connect.
Allow other people to use this connection: if you leave it unchecked, only the user setting up this connection will connect. (If you wish that all of the users would connect, you require Administrator rights.)
After filling in all the fields, click Create.

8- Press Create and right-click the adapter that you have created. Select Properties and open the Security tab.

Responsive image

Set the following options:
Type of VPN: IKEv2
Data encryption: Require encryption (disconnect if server declines)
Authentication: Use Extensible Authentication Protocol (EAP) and EAP-MSCHAPv2.


Then, click OK to save these changes.

9 -Open your Network settings (you can do so in the bottom right corner of the screen by pressing the Network icon) and select Network & Internet settings.

Responsive image

10- In the newly opened window, select VPN, click on the newly created connection and select Advanced options.

Responsive image

11- In the Advanced option settings, click Edit and fill in your service credentials (Username and Password) which you saved in the "Get your credentials" step. After that, click Save to confirm the changes.

Responsive image

Responsive image

12- Now, open your Network settings again, press on the newly created connection and click Connect.

Responsive image

You are now connected correctly!





VPN for ANDROID

Follow the next steps:

  • Go to Play Store
  • Donwload "strongSwan VPN Client"

  • Responsive image

  • Download the ikev2 certificate from the UCP - Home > Files. click

  • Responsive image

  • Open the strongSwan VPN Client application. You will see a screen like this. Tap on three vertical dots on the top right corner.

  • Responsive image

  • A menu will pop up. Tap on CA certificates.

  • Responsive image

  • A certificate list will appear. Tap on three vertical dots again.

  • Responsive image

  • Tap Import certificate on the menu that appears.

  • Responsive image

  • Search for the certificate file called "vpnptp_ikev2.ca.crt". A pop-up will appear which asks your permission to import the certificate. Tap Import certificate.

  • Responsive image

  • Once you are back on the main screen, tap on Add VPN profile button on the top-right corner.

  • Responsive image

  • You will see a screen where you will need to insert the required information.

  • Responsive image

    In the Server field enter the hostname of one of our servers from the "Select your server" step you will use.
    In the username and password fields enter the service credentials from the vpnptp account.
    In the CA Certificate field you can select the previously installed certificate or leave the "Select automatically" box selected.
    In the profile name field, you can input the name of your choice. This field is optional and you can leave it empty.

  • You will automatically return to the main screen. A new entry will appear, which is your connection profile. Tap on the profile to connect.

  • Responsive image

  • You have successfully set up IKEv2 manual connection to VPNPTP servers.





  • VPN for IOS

    This guide will help you set up an IPSec connection using IKEv2.

    • On your iOS device, navigate to Settings -> VPN and click on the Add VPN Configuration button.
    • Enter the following configuration:

    Type - IKEv2
    Description - Any description to identify VPN server (Example: us1-VPNPTP)
    Server - Choose any from the server list "here"
    Remote ID - Same as the Server field
    Local ID - Empty
    User Authentication type - Username
    Username - Your username VPNPTP account
    Password - your password
    Proxy settings - Off

    • Tap Done to finalize the setup.
    • Your newly created VPN configuration is now available. Tap on the switch button to connect or disconnect.





    VPN for MIKROTIK

    • Download the ikev2 certificate from the UCP - Home > Files. click



    • Then we import the certificate:

    /certificate import file-name=vpnptp_ikev2.ca.crt
                  passphrase: 
                     certificates-imported: 1
                     private-keys-imported: 0
                            files-imported: 1
                       decryption-failures: 0
                  keys-with-no-certificate: 0
    Now we configure the ikev2 client.

    • Now we configure the address-list: We assume that our LAN is 192.168.0.0/24

    /ip firewall address-list
     add list=ACL_to_vpnptp address=192.168.0.0/24
    • Configure mode-config

    /ip ipsec mode-config
     add src-address-list=ACL_to_vpnptp name=cfg_vpnptp responder=no
    • Configure phase 1.

    /ip ipsec policy group
     add name=group_vpnptp
    /ip ipsec profile
     add dh-group=ecp256,ecp384,ecp521 enc-algorithm=aes-256,aes-192,aes-128 hash-algorithm=sha256 name=pf_pha1_vpnptp
    • Configure phase 2.

    /ip ipsec proposal
     add auth-algorithms=sha256,sha1 name=pp_pha2_vpnptp
    • Configure peer and identity.

    /ip ipsec peer
    "Choose your server here"			   
     add address=eu1.vpnptp.com exchange-mode=ike2 name="peer-vpnptp" profile=pf_pha1_vpnptp
    /ip ipsec identity
     add auth-method=eap certificate="" eap-methods=eap-mschapv2 generate-policy=port-strict mode-config=cfg_vpnptp password=your_password peer="peer-vpnptp" \
     policy-template-group=group_vpnptp username=your_username
    • Configure policy.

    /ip ipsec policy
     add comment="Policy vpnptp" group=group_vpnptp proposal=pp_pha2_vpnptp template=yes