Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
userdoc:tt_ipsec_vpn_apple_ios [2012/09/14 15:35] abelbeck |
userdoc:tt_ipsec_vpn_apple_ios [2013/02/19 22:52] abelbeck |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== IPsec VPN for iOS, OS X & Windows | + | ====== IPsec VPN Configuration |
The popular Apple iOS platform has limited VPN options, one of which is IPsec (Cisco) which uses IPsec + XAuth. \\ | The popular Apple iOS platform has limited VPN options, one of which is IPsec (Cisco) which uses IPsec + XAuth. \\ | ||
Line 16: | Line 16: | ||
The AstLinux Web Interface is used for configuration, | The AstLinux Web Interface is used for configuration, | ||
- | Network tab -> VPN Type: {{: | + | Network tab -> VPN Type:\\ |
+ | {{: | ||
The following IPsec Mobile Server Configuration (below) must be specified. | The following IPsec Mobile Server Configuration (below) must be specified. | ||
Line 96: | Line 97: | ||
===== Apple OS X Client Configuration ===== | ===== Apple OS X Client Configuration ===== | ||
- | After the IPsec server is configured and certificates generated, the final step is to install the CA and Peer certificates on your OS X notebook or desktop computer. | + | After the IPsec server is configured and certificates generated |
From the IPsec Mobile Server Configuration tab, download the credentials for the desired peer, mb13 for this example. | From the IPsec Mobile Server Configuration tab, download the credentials for the desired peer, mb13 for this example. | ||
Line 166: | Line 167: | ||
{{: | {{: | ||
- | The Shrew Soft VPN Client (v2.1.7) does not support password protected .p12 packages, so the unencrypted mb13.key, mb13.crt and ca.crt, | + | The Shrew Soft VPN Client (v2.1.7) does not support |
Line 172: | Line 173: | ||
**Shrew Soft VPN Client (v2.1.7) example: (Submitted by Tom Mazzotta)** | **Shrew Soft VPN Client (v2.1.7) example: (Submitted by Tom Mazzotta)** | ||
- | The Shrew Soft VPN Client does not access certificates installed into the Windows certificate store, so you need to copy your certificate files to a folder where they can be found. The installer creates the folder | + | The Shrew Soft VPN Client does not access certificates installed into the Windows certificate store, so you need to copy your certificate files to a folder where they can be found. The installer creates the folder: |
- | Technically the Shrew Soft VPN Client does support encrypted client certificates, | + | C: |
- | To enable split tunneling, add the networks found on the LAN side of your Astlinux box to the list on the " | + | It is suggested to copy the CA cert ('' |
+ | |||
+ | Technically, | ||
+ | |||
+ | To enable split tunneling, add the networks found on the LAN side of your Astlinux box to the list on the " | ||
{{: | {{: |