|
|
| (One intermediate revision by the same user not shown) |
| Line 5: |
Line 5: |
|
dialogs and messages seen may not be exactly as shown here. |
|
dialogs and messages seen may not be exactly as shown here. |
|
|
|
|
|
|
|
| ⚫ |
=Not using Lets Encrypt?= |
|
| ⚫ |
If you using the built-in ACME system for managing a Lets Encrypt certificate then you can skip this Certificate section and jump to the sectoion below to just set up the VPN credentials. |
|
|
|
|
| ⚫ |
===Download the Certificate=== |
|
| ⚫ |
'''This is not needed if you are using Lets Encrypt on the FireBrick''' |
|
| ⚫ |
The CA certificate needs to be installed on the Windows machine using an account with administrator privileges. |
|
|
|
|
| ⚫ |
First, download the CA certificate in DER format to the Windows machine. The easiest way to do this is to@ |
|
| ⚫ |
#Use a browser (e.g. 'Edge') to visit your FireBrick |
|
| ⚫ |
##Go to: Config - Certificates to reach the certificate management page |
|
| ⚫ |
##Click on the Download DER link corresponding to the CA certificate. |
|
| ⚫ |
##Save it in a suitable location on the Windows machine. Note that you must download the certificate in DER format - windows machines do not recognize PEM format. The file will be given the <tt>.crt</tt> extension. |
|
| ⚫ |
#If using the 'Edge' Browser, then click the Open button once the file as downloaded |
|
|
|
|
| ⚫ |
==Install the certificate== |
|
| ⚫ |
#You have downloaded the CA certifcate in DER format, and you'll have a file ending in .crt |
|
| ⚫ |
#Double click on the file to open it, you may get a Warning (see screenshot) |
|
| ⚫ |
#The certificate will be opened, Click install certificate |
|
| ⚫ |
#The 'Welcome to the Certificate Import Wizard' screen opens, select '''Local Machine''', then '''Next''' (see screenshot) |
|
| ⚫ |
#You will be prompted allow this action and maybe asked to enter in the Administrator password of the computer, do this. |
|
| ⚫ |
#Select ''''Place all certificates in the following store'''' (see screenshot) |
|
| ⚫ |
|
|
| ⚫ |
#Select ''''Trusted Root Certification Authorities'''', click OK. (see screenshot) |
|
| ⚫ |
#You'll now be back at the screen you were on previously, Click '''Next''' (see screenshot) |
|
| ⚫ |
# The 'Completing the Certificate Import Wizard' screen shows, Click '''Finish''' (see screenshot) |
|
| ⚫ |
#A little window pops up saying 'The import was successful', click '''OK''' (see screenshot) |
|
| ⚫ |
#You can now click OK on the original ''''Certificate'''' window to close it |
|
|
|
|
| ⚫ |
<gallery heights=149 mode="packed" caption="Screenshots of installing the certificate on Windows 10"> |
|
| ⚫ |
IPsec-Win10-1-OpenCert.PNG|Click on the file, you may get a Warning |
|
| ⚫ |
IPsec-Win10-2-ReviewCert.PNG|The certificate will be opened, Click install certificate |
|
| ⚫ |
IPsec-Win10-3-InstallCert.PNG|The 'Welcome to the Certificate Import Wizard' screen opens, select Local Machine, then Next |
|
| ⚫ |
IPsec-Win10-4-InstallCert-store.PNG|Select ' Place all certificates in the following store', Click Browse |
|
| ⚫ |
IPsec-Win10-5-InstallCert-trusted.PNG|Select 'Trusted Root Certification Authorities', click OK. |
|
| ⚫ |
IPsec-Win10-6-InstallCert-finished.PNG|The 'Completing the Certificate Import Wizard' screen shows |
|
| ⚫ |
IPsec-Win10-7-InstallCert-success.PNG|A little window pops up saying 'The import was successful' |
|
| ⚫ |
|
|
|
|
|
|
|
=Configure the VPN= |
|
=Configure the VPN= |
| Line 102: |
Line 64: |
|
|
|
|
|
=Help= |
|
=Help= |
|
|
|
|
|
|
|
⚫ |
==Not using Lets Encrypt? == |
|
⚫ |
If you using the built-in ACME system for managing a Lets Encrypt certificate then you can skip this Certificate section and jump to the sectoion below to just set up the VPN credentials. |
|
|
|
|
⚫ |
===Download the Certificate=== |
|
⚫ |
'''This is not needed if you are using Lets Encrypt on the FireBrick''' |
|
|
|
|
⚫ |
The CA certificate needs to be installed on the Windows machine using an account with administrator privileges. |
|
|
|
|
⚫ |
First, download the CA certificate in DER format to the Windows machine. The easiest way to do this is to@ |
|
⚫ |
#Use a browser (e.g. 'Edge') to visit your FireBrick |
|
⚫ |
##Go to: Config - Certificates to reach the certificate management page |
|
⚫ |
##Click on the Download DER link corresponding to the CA certificate. |
|
⚫ |
##Save it in a suitable location on the Windows machine. Note that you must download the certificate in DER format - windows machines do not recognize PEM format. The file will be given the <tt>.crt</tt> extension. |
|
⚫ |
#If using the 'Edge' Browser, then click the Open button once the file as downloaded |
|
|
|
|
⚫ |
===Install the certificate === |
|
⚫ |
#You have downloaded the CA certifcate in DER format, and you'll have a file ending in .crt |
|
⚫ |
#Double click on the file to open it, you may get a Warning (see screenshot) |
|
⚫ |
#The certificate will be opened, Click install certificate |
|
⚫ |
#The 'Welcome to the Certificate Import Wizard' screen opens, select '''Local Machine''', then '''Next''' (see screenshot) |
|
⚫ |
#You will be prompted allow this action and maybe asked to enter in the Administrator password of the computer, do this. |
|
⚫ |
#Select ''''Place all certificates in the following store'''' (see screenshot) |
|
⚫ |
|
|
⚫ |
#Select ''''Trusted Root Certification Authorities'''', click OK. (see screenshot) |
|
⚫ |
#You'll now be back at the screen you were on previously, Click '''Next''' (see screenshot) |
|
⚫ |
# The 'Completing the Certificate Import Wizard' screen shows, Click '''Finish''' (see screenshot) |
|
⚫ |
#A little window pops up saying 'The import was successful', click '''OK''' (see screenshot) |
|
⚫ |
#You can now click OK on the original ''''Certificate'''' window to close it |
|
|
|
|
⚫ |
<gallery heights=149 mode="packed" caption="Screenshots of installing the certificate on Windows 10"> |
|
⚫ |
IPsec-Win10-1-OpenCert.PNG|Click on the file, you may get a Warning |
|
⚫ |
IPsec-Win10-2-ReviewCert.PNG|The certificate will be opened, Click install certificate |
|
⚫ |
IPsec-Win10-3-InstallCert.PNG|The 'Welcome to the Certificate Import Wizard' screen opens, select Local Machine, then Next |
|
⚫ |
IPsec-Win10-4-InstallCert-store.PNG|Select ' Place all certificates in the following store', Click Browse |
|
⚫ |
IPsec-Win10-5-InstallCert-trusted.PNG|Select 'Trusted Root Certification Authorities', click OK. |
|
⚫ |
IPsec-Win10-6-InstallCert-finished.PNG|The 'Completing the Certificate Import Wizard' screen shows |
|
⚫ |
IPsec-Win10-7-InstallCert-success.PNG|A little window pops up saying 'The import was successful' |
|
⚫ |
|
|
|
|
|
|
|
|
==IKE authentication credentials are unacceptable== |
|
==IKE authentication credentials are unacceptable== |
|
[[File:IKE2-Win10Error-IKEAuth.PNG|none|frame|Error: IKE authentication credentials are unacceptable]] |
|
[[File:IKE2-Win10Error-IKEAuth.PNG|none|frame|Error: IKE authentication credentials are unacceptable]] |
