FireBrick Road Warrior iPhone iPad iOS8: Difference between revisions

Back up to the FireBrick Road Warrior Category Page
From AAISP Support Site
Line 18: Line 18:
#Once the .mobileconfig file has been generated:
#Once the .mobileconfig file has been generated:
#Email the file to the iDevice.
#Email the file to the iDevice.
#The file should open in the 'Install Profile' app
#The file should open in the 'Install Profile' app (Screenshot below)
#Tap Install
#Tap Install
#Tap You'll be asked to review and then enter your pin (if you have one for the device)
#Tap You'll be asked to review and then enter your pin (if you have one for the device) (Screenshot below)
#Tap Install, and then Install again (yes the Third tap!)
#Tap Install, and then Install again (yes the Third tap!)
#Enter your password for the IPsec account (this is the one as set up in the EAP Identity on the FireBrick (in this example, we had set up a user of fred with a password)
#Enter your password for the IPsec account (this is the one as set up in the EAP Identity on the FireBrick (in this example, we had set up a user of fred with a password) (Screenshot below)
#Tap next
#Tap next
#Tap Done
#Tap Done

Revision as of 09:24, 3 August 2015


OS 8

Currently (June 2015) iPhone and iPad devices need a 'profile file' to be generated and then sent to the device. This file contains the IPsec details. FireBrick has a bash script that can be used (on a linux or windows machine with cygwin) to generate the file.

make-profile tool

You can download the script from:

http://www.firebrick.co.uk/tools/make-profile

iPhone Profile

Each iPhone needs a profile file specific to that user. Once created you can email this, or make a web link to it, and the iPhone will recognise it and allow it to be installed. Let's call it fred.mobileconfig for our user called fred as in the above example config.

./make-profile SERVER=IP-of-server LOCALID="Fred's iPhone" CA=ca-cert.pem SERVERID=server.example.com USERNAME=fred PROFNAME="Office VPN" VPNNAME=FireBrick fred.mobileconfig

Note that the SERVERID must match the FQDN entry used when making the server certificate, and hence the local-ID in the config for the connection.

  1. Once the .mobileconfig file has been generated:
  2. Email the file to the iDevice.
  3. The file should open in the 'Install Profile' app (Screenshot below)
  4. Tap Install
  5. Tap You'll be asked to review and then enter your pin (if you have one for the device) (Screenshot below)
  6. Tap Install, and then Install again (yes the Third tap!)
  7. Enter your password for the IPsec account (this is the one as set up in the EAP Identity on the FireBrick (in this example, we had set up a user of fred with a password) (Screenshot below)
  8. Tap next
  9. Tap Done


Deleting the VPN Profile

Removing the VPN is not as easy as you would think, the settings is actually a profile, so you need to delete the profile via:

Setting -> General -> Profile -> Click on your VPN profile -> Click Delete Profile

Connect

  1. Go to: Settings - VPN - Tap the On/off slider thing
VPN up on an iPhone