
This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick Road Warrior OSX
 
 
== Getting the CA from the FireBrick ==
 
'''(This is not needed if you are using Let's Encrypt)'''
 
Note: this guide doesn't go into actual configuration of the FireBrick to be an endpoint, merely how to connect your Mac client to it. Therefore, it is assumed the certificate already exists on the FireBrick. It may also be that this is emailed to you by whoever maintains your FireBrick, in which case skip this step.
 
#Log into the FireBrick.
#Click on the Certificates menu beneath that.
#You should be presented with a list of the installed certificates. Each line will look approximately as follows: [[File:Toothless_-_Cliff_s_test_FB2700_2700-0001-9224_Certificate_management.jpg]]
#At the right-hand end of the row corresponding to the certificate you wish to download, click on the PEM link.
 
== Installing the CA certificate into OSX ==
'''(This is not needed if you are using Let's Encrypt)'''
 
#Go to: Applications - Utilities - Keychain Access
#In the top/left area named 'Keychains', click on System
#In the bottom/left area named 'Category', click on Certificates
#Go to: File - Import Items
#Select the file you've downloaded, e.g. ca-cert.pem
#Review the certificate and then select Always Trust. You may be asked to confirm your Apple user password.
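
The "Review the certificate" step is the point at which a new root CA becomes trusted system-wide, so it is worth checking the downloaded file before choosing Always Trust. The following is an added example, not part of the original page or of FireBrick's tooling: it assumes whoever maintains your FireBrick has given you the CA's SHA-256 fingerprint by a separate channel, and the function names and the sample data are made up for illustration.

```python
import hashlib
import hmac
import re
import ssl
import sys

# One PEM object: BEGIN/END lines with the same label.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----.*?-----END \1-----", re.DOTALL)


def load_single_ca_pem(pem_text):
    """Return the DER bytes of the one certificate in pem_text.

    Rejects files holding several PEM objects, or an object that is not a
    certificate (for example a private key sent along by mistake).
    """
    blocks = list(PEM_BLOCK.finditer(pem_text))
    if len(blocks) != 1:
        raise ValueError("expected one PEM object, found %d" % len(blocks))
    if blocks[0].group(1) != "CERTIFICATE":
        raise ValueError("PEM object is %r" % blocks[0].group(1))
    return ssl.PEM_cert_to_DER_cert(blocks[0].group(0))


def sha256_fingerprint(der):
    """SHA-256 over the DER encoding, as colon-separated upper-case hex."""
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def matches_expected(pem_text, expected):
    """True only if the file's fingerprint equals the out-of-band value."""
    actual = sha256_fingerprint(load_single_ca_pem(pem_text))
    # Accept colon-separated, space-separated or plain hex, any case.
    wanted = re.sub(r"[^0-9A-Fa-f]", "", expected).upper()
    return hmac.compare_digest(actual.replace(":", ""), wanted)


# Constructed sample: placeholder bytes wrapped as PEM, not a real CA.
SAMPLE_DER = b"constructed placeholder, not a real certificate"
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(SAMPLE_DER)

if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: script.py ca-cert.pem FINGERPRINT
        with open(sys.argv[1]) as fh:
            ok = matches_expected(fh.read(), sys.argv[2])
        sys.exit(0 if ok else "fingerprint mismatch: do not trust this file")
    print(sha256_fingerprint(load_single_ca_pem(SAMPLE_PEM)))
```
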
 
 
=OSX versions 10.11 'El Capitan', 10.12 Sierra and newer=
If you have ''''El Capitan'''', Sierra or newer, then the built-in VPN connection settings should just work. If you're not using Let's Encrypt then you will still need to install the certificate as above. You can skip the StrongSwan parts below and just use the Network Settings to add a VPN IKEv2 connection.
 
==Create the VPN Connection==
#Go to Apple Menu - System Preferences
#Go to Network
#*Interface: VPN
#*VPN Type: IKEv2
#*Service Name: e.g. 'FireBrick' or 'Office'
#On the next window fill in the information:
#*Server Address: Hostname or IP of your FireBrick, e.g. server.example.com
#*Remote ID: The 'FQDN' of the FireBrick as set when you created the certificate (usually the full hostname of the FireBrick), e.g. server.example.com
#*Local ID - leave empty
#In the Authentication Settings:
#*Username: your EAP Username as set on the FireBrick, e.g. fred
#*Password: your EAP Password as set on the FireBrick
#May as well tick 'Show VPN status in menu bar' as you'll then be able to connect etc. from the menu in your top bar
 
=OSX version 10.10 'Yosemite' and earlier=
For versions 10.10 and earlier you'll need to use the StrongSwan program. You will still need to install the CA certificate as above.
 
== Downloading & installing the StrongSwan Native Client ==
 
Usually on OSX, you can simply use the built-in VPN settings as above.
 
Visit [http://download.strongswan.org/osx/ the download site] and download the latest binary. At the time of writing the latest version was '''strongswan-5.3.2-1.app.zip'''. Allow the machine to unarchive it; usually by selecting the "Open with Archive Utility" option. This will deposit the StrongSwan.app into your downloads directory. Drag the app from the downloads directory into your Applications folder. This completes installation of the StrongSwan Client.
<gallery>
StrongSwanOSXscreenshot.png|strongSwan OSX
</gallery>
 
==Configure strongSwan==
Run StrongSwan by either:
 
#Click Add Connection (Screenshot below)
##Name: e.g. FireBrick (Screenshot below)
##Authentication: IKEv2 EAP
##Server address: IP or Name of your FireBrick, e.g. server.example.com
##Click OK
 
#The first time, you may be asked to install a 'Helper' application for StrongSwan. Your computer password will be required.
#You'll be prompted for the password. This is the one set up in the EAP Identity on the FireBrick (in this example, we had set up a user of fred with a password).
 
 
 
=Error: Unsupported integrity algorithm=
 
 
[[Category:FireBrick IPsec Road Warrior|OS X]]