Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick IPSEC on Apple MacOS X: Difference between revisions

From AAISP Support Site
Content deleted Content added
AA-Bloor (talk | contribs)
AA-Bloor (talk | contribs)
No edit summary
Line 1: Line 1:
It is possible to connect an Apple Mac with OSX to a FireBrick over IPSEC with IKEv2 and EAP. Regrettably the IPSEC facilities within OSX are not fully enough featured to achieve this alone, so some additional VPN client software can be installed called StrongSwan.
It is possible to connect an Apple Mac with OSX to a FireBrick over IPSEC with IKEv2 and EAP. Regrettably the IPSEC facilities within OSX are not fully enough featured to achieve this alone, so some additional VPN client software can be installed called StrongSwan.



== Downloading & installing the StrongSwan Native Client ==
== Downloading & installing the StrongSwan Native Client ==


Visit [http://download.strongswan.org/osx/] and download the latest binary. At the time of writing the latest version was '''strongswan-5.2.2-1.app.zip'''. Allow the machine to unarchive it; usually by selecting the "Open with Archive Utility" option. This will deposit the StrongSwan.app into your downloads directory. Drag the app from the downloads directory into your Applications folder. This completes installation of the StrongSwan Client.
Visit [http://download.strongswan.org/osx/ the download site] and download the latest binary. At the time of writing the latest version was '''strongswan-5.2.2-1.app.zip'''. Allow the machine to unarchive it; usually by selecting the "Open with Archive Utility" option. This will deposit the StrongSwan.app into your downloads directory. Drag the app from the downloads directory into your Applications folder. This completes installation of the StrongSwan Client.


== Getting the CA from the FireBrick ==
== Getting the CA from the FireBrick ==

Revision as of 11:43, 4 February 2015

It is possible to connect an Apple Mac with OSX to a FireBrick over IPSEC with IKEv2 and EAP. Regrettably the IPSEC facilities within OSX are not fully enough featured to achieve this alone, so some additional VPN client software can be installed called StrongSwan.

Downloading & installing the StrongSwan Native Client

Visit the download site and download the latest binary. At the time of writing the latest version was strongswan-5.2.2-1.app.zip. Allow the machine to unarchive it; usually by selecting the "Open with Archive Utility" option. This will deposit the StrongSwan.app into your downloads directory. Drag the app from the downloads directory into your Applications folder. This completes installation of the StrongSwan Client.

Getting the CA from the FireBrick

Note: this guide doesn't go into actual configuration of the FireBrick to be an endpoint, merely how to connect your Mac client to it. Therefore it is assumed the certificate already exists on the FireBrick. It may also be that this is emailed to you by whoever maintains your FireBrick, in which case skip this step.

1. Log into the Firebrick.

2. Click on the Config menu in the bar on the left.

3. Click on the Certificates menu beneath that.

4. You should be presented with a list of certificates installed. Each line will look approximately as follows :

5. At the right hand end of the row corresponding the the certificate you wish to download, click on the PEM link.

Installing the certificate into OSX