12,290
edits
This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!
mNo edit summary |
mNo edit summary |
||
It is possible to connect an modern Apple Mac with OSX to a FireBrick over IPSEC with IKEv2 and EAP.
=OSX versions 10.11 El Capitan, and newer=▼
==Certificates==▼
*If you have El Capitan newer, then the built in VPN connection settings should just work. ▼
*If you're not using Let's Encrypt then you will still need to install the Certificate as above. ▼
*You can skip the StrongSwan parts below and just use the Network Settings to add a VPN IKEv2 connection.▼
===Create the VPN Connection===▼
[[File:Osx-firebrick-ipsec-config.png|thumb|Settings screen]]▼
#Go to Apple Menu - System Preferences▼
#Go to Network▼
#Click the + Icon on the bottom/left, and choose:▼
#*Interface: VPN▼
#*VPN Type: IKEv2▼
#*Service Name: e.g. 'FireBrick' or 'Office'▼
#On the next window fill in the information:▼
#*Server Address: Hostname or IP of your FireBrick. e.g.: server.example.com▼
#*Remote ID: The 'FQDN' of the Firebrick as created when you created the Certificate (Usually the full hostname of the FireBrick). e.g.: server.example.com▼
#*Local ID - leave empty▼
#In the Authentication Settings:▼
#*Username: your EAP Username as set on the FireBrick, e.g. fred▼
#*Password: your EAP Password as set on the FireBrick▼
#May as well tick 'Show VPN status in menu bar' as you'll then be able to connect etc. from the menu in your top bar▼
▲==Non-Lets Encrypt Certificates==
=== Getting the CA from the FireBrick ===
</gallery>
▲=OSX versions 10.11 El Capitan, and newer=
▲*If you have El Capitan newer, then the built in VPN connection settings should just work.
▲*If you're not using Let's Encrypt then you will still need to install the Certificate as above.
▲*You can skip the StrongSwan parts below and just use the Network Settings to add a VPN IKEv2 connection.
▲===Create the VPN Connection===
▲[[File:Osx-firebrick-ipsec-config.png|thumb|Settings screen]]
▲#Go to Apple Menu - System Preferences
▲#Go to Network
▲#Click the + Icon on the bottom/left, and choose:
▲#*Interface: VPN
▲#*VPN Type: IKEv2
▲#*Service Name: e.g. 'FireBrick' or 'Office'
▲#On the next window fill in the information:
▲#*Server Address: Hostname or IP of your FireBrick. e.g.: server.example.com
▲#*Remote ID: The 'FQDN' of the Firebrick as created when you created the Certificate (Usually the full hostname of the FireBrick). e.g.: server.example.com
▲#*Local ID - leave empty
▲#In the Authentication Settings:
▲#*Username: your EAP Username as set on the FireBrick, e.g. fred
▲#*Password: your EAP Password as set on the FireBrick
▲#May as well tick 'Show VPN status in menu bar' as you'll then be able to connect etc. from the menu in your top bar
=OSX version 10.10,'Yosemite' and earlier (Legacy information)=
|
edits