FireBrick Road Warrior iPhone iPad iOS8: Difference between revisions
m (→iPhone Profile) |
m (→iPhone Profile) |
||
Line 18: | Line 18: | ||
#Once the .mobileconfig file has been generated: |
#Once the .mobileconfig file has been generated: |
||
#Email the file to the iDevice. |
#Email the file to the iDevice. |
||
#The file should open in the 'Install Profile' app |
#The file should open in the 'Install Profile' app (Screenshot below) |
||
#Tap Install |
#Tap Install |
||
#Tap You'll be asked to review and then enter your pin (if you have one for the device) |
#Tap You'll be asked to review and then enter your pin (if you have one for the device) (Screenshot below) |
||
#Tap Install, and then Install again (yes the Third tap!) |
#Tap Install, and then Install again (yes the Third tap!) |
||
#Enter your password for the IPsec account (this is the one as set up in the EAP Identity on the FireBrick (in this example, we had set up a user of fred with a password) |
#Enter your password for the IPsec account (this is the one as set up in the EAP Identity on the FireBrick (in this example, we had set up a user of fred with a password) (Screenshot below) |
||
#Tap next |
#Tap next |
||
#Tap Done |
#Tap Done |
Revision as of 09:24, 3 August 2015
OS 8
Currently (June 2015) iPhone and iPad devices need a 'profile file' to be generated and then sent to the device. This file contains the IPsec details. FireBrick has a bash script that can be used (on a linux or windows machine with cygwin) to generate the file.
make-profile tool
You can download the script from:
http://www.firebrick.co.uk/tools/make-profile
iPhone Profile
Each iPhone needs a profile file specific to that user. Once created you can email this, or make a web link to it, and the iPhone will recognise it and allow it to be installed. Let's call it fred.mobileconfig for our user called fred as in the above example config.
./make-profile SERVER=IP-of-server LOCALID="Fred's iPhone" CA=ca-cert.pem SERVERID=server.example.com USERNAME=fred PROFNAME="Office VPN" VPNNAME=FireBrick fred.mobileconfig
Note that the SERVERID must match the FQDN entry used when making the server certificate, and hence the local-ID in the config for the connection.
- Once the .mobileconfig file has been generated:
- Email the file to the iDevice.
- The file should open in the 'Install Profile' app (Screenshot below)
- Tap Install
- Tap You'll be asked to review and then enter your pin (if you have one for the device) (Screenshot below)
- Tap Install, and then Install again (yes the Third tap!)
- Enter your password for the IPsec account (this is the one as set up in the EAP Identity on the FireBrick (in this example, we had set up a user of fred with a password) (Screenshot below)
- Tap next
- Tap Done
Deleting the VPN Profile
Removing the VPN is not as easy as you would think, the settings is actually a profile, so you need to delete the profile via:
Setting -> General -> Profile -> Click on your VPN profile -> Click Delete Profile
Connect
- Go to: Settings - VPN - Tap the On/off slider thing