Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick Road Warrior OSX: Difference between revisions

← Older editNewer edit →
Content deleted Content added
AA-Andrew (talk | contribs)
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,662 edits
Reedy (talk | contribs)
editor
706 edits
m clean up, typos fixed: Therefore → Therefore,, etc → etc. , eg → e.g. (7), the the → the
Line 1: Line 1:
<indicator name="RoadW">[[File:Menu-Road-Warrior.svg|link=:Category:FireBrick_IPsec_Road_Warrior|30px|Back up to the FireBrick Road Warrior Category Page]]</indicator>
<indicator name="RoadW">[[File:Menu-Road-Warrior.svg|link=:Category:FireBrick IPsec Road Warrior|30px|Back up to the FireBrick Road Warrior Category Page]]</indicator>




Line 6: Line 6:
== Getting the CA from the FireBrick ==
== Getting the CA from the FireBrick ==


Note: this guide doesn't go into actual configuration of the FireBrick to be an endpoint, merely how to connect your Mac client to it. Therefore it is assumed the certificate already exists on the FireBrick. It may also be that this is emailed to you by whoever maintains your FireBrick, in which case skip this step.
Note: this guide doesn't go into actual configuration of the FireBrick to be an endpoint, merely how to connect your Mac client to it. Therefore, it is assumed the certificate already exists on the FireBrick. It may also be that this is emailed to you by whoever maintains your FireBrick, in which case skip this step.


#Log into the Firebrick.
#Log into the Firebrick.
Line 12: Line 12:
#Click on the Certificates menu beneath that.
#Click on the Certificates menu beneath that.
#You should be presented with a list of certificates installed. Each line will look approximately as follows : [[File:Toothless_-_Cliff_s_test_FB2700_2700-0001-9224_Certificate_management.jpg]]
#You should be presented with a list of certificates installed. Each line will look approximately as follows : [[File:Toothless_-_Cliff_s_test_FB2700_2700-0001-9224_Certificate_management.jpg]]
#At the right hand end of the row corresponding the the certificate you wish to download, click on the PEM link.
#At the right hand end of the row corresponding the certificate you wish to download, click on the PEM link.


== Installing the CA certificate into OSX ==
== Installing the CA certificate into OSX ==
Line 19: Line 19:
#In the bottom/left are named 'Category', click on Certificates
#In the bottom/left are named 'Category', click on Certificates
#Go to: File - Import Items
#Go to: File - Import Items
#Select the file you've downloaded, eg ca-cert.pem
#Select the file you've downloaded, e.g. ca-cert.pem
#Review the certificate and then select Always Trust, you may be asked to confirm your apple user password.
#Review the certificate and then select Always Trust, you may be asked to confirm your apple user password.


Line 30: Line 30:
If you have El Capitan or Sierra then the built in VPN connection settings should just work. You will still need to install the Certificate as above, but you can skip the StrongSwan parts below and just use the Network Settings to add a VPN IKEv2 connection.
If you have El Capitan or Sierra then the built in VPN connection settings should just work. You will still need to install the Certificate as above, but you can skip the StrongSwan parts below and just use the Network Settings to add a VPN IKEv2 connection.


==Create the VPN Connection:==
==Create the VPN Connection==
#Go to Apple Menu - System Preferences
#Go to Apple Menu - System Preferences
#Go to Network
#Go to Network
Line 36: Line 36:
#*Interface: VPN
#*Interface: VPN
#*VPN Type: IKEv2
#*VPN Type: IKEv2
#*Service Name: eg 'FireBrick' or 'Office'
#*Service Name: e.g. 'FireBrick' or 'Office'
#On the next window fill in the information:
#On the next window fill in the information:
#*Server Address: Hostname or IP of your FireBrick. eg: server.example.com
#*Server Address: Hostname or IP of your FireBrick. e.g.: server.example.com
#*Remote ID: The 'FQDN' of the Firebrick as created when you created the Certificate (Usually the full hostname of the FireBrick). eg: server.example.com
#*Remote ID: The 'FQDN' of the Firebrick as created when you created the Certificate (Usually the full hostname of the FireBrick). e.g.: server.example.com
#*Local ID - leave empty
#*Local ID - leave empty
#In the Authentication Settings:
#In the Authentication Settings:
#*Username: your EAP Username as set on the FireBrick, eg fred
#*Username: your EAP Username as set on the FireBrick, e.g. fred
#*Password: your EAP Password as set on the FireBrick
#*Password: your EAP Password as set on the FireBrick
#May as well tick 'Show VPN status in menu bar' as you'll then be able to connect etc from the menu in your top bar
#May as well tick 'Show VPN status in menu bar' as you'll then be able to connect etc. from the menu in your top bar


=OSX version 10.10,'Yosemite' and earlier=
=OSX version 10.10,'Yosemite' and earlier=
Line 65: Line 65:


#Click Add Connection (Screenshot below)
#Click Add Connection (Screenshot below)
##Name: eg FireBrick (Screenshot below)
##Name: e.g. FireBrick (Screenshot below)
##Authentication IKEv2 EAP
##Authentication IKEv2 EAP
##Server address: IP or Name of your FireBrick, eg server.example.com
##Server address: IP or Name of your FireBrick, e.g. server.example.com
##Click OK
##Click OK


Line 101: Line 101:




[[Category:FireBrick_IPsec_Road_Warrior|OS X]]
[[Category:FireBrick IPsec Road Warrior|OS X]]
Retrieved from "http://support.aa.net.uk/FireBrick_Road_Warrior_OSX"