FireBrick Road Warrior iPhone iPad iOS8: Difference between revisions

Revision as of 14:03, 31 July 2015

Currently (June 2015) iPhone and iPad devices need a 'profile file' to be generated and then sent to the device. This file contains the IPsec details. FireBrick has a bash script that can be used (on a linux or windows machine with cygwin) to generate the gile.

make-profile tool

you can download the script from:

http://www.firebrick.co.uk/tools/make-profile

iPhone profile

Each iPhone needs a profile file specific to that user. Once created you can email this, or make a web link to it, and the iPhone will recognise it and allow it to be installed. Let's call it fred.mobileconfig for our user called fred as in the above example config.

./make-profile SERVER=IP-of-server LOCALID="Fred's iPhone" CA=ca-cert.pem SERVERID=server.example.com USERNAME=fred PROFNAME="Office VPN" VPNNAME=FireBrick fred.mobileconfig

Note that the SERVERID must match the FQDN entry used when making the server certificate, and hence the local-ID in the config for the connection.

VPN up on an iPhone

@@ Line 10: / Line 10: @@
 Each iPhone needs a profile file specific to that user. Once created you can email this, or make a web link to it, and the iPhone will recognise it and allow it to be installed. Let's call it <tt>fred.mobileconfig</tt> for our user called ''fred'' as in the above example config.
-<tt>./make-profile SERVER=''IP-of-server'' LOCALID="''Fred's iPhone''" CA=ca-cert.pem SERVERID=''server.example.com'' USERNAME=''fred'' PROFNAME="''Office VPN''" VPNNAME=FireBrick ''fred''.mobileconfig</tt>
+ ./make-profile SERVER=''IP-of-server'' LOCALID="''Fred's iPhone''" CA=ca-cert.pem SERVERID=''server.example.com'' USERNAME=''fred'' PROFNAME="''Office VPN''" VPNNAME=FireBrick ''fred''.mobileconfig
 Note that the SERVERID must match the FQDN entry used when making the server certificate, and hence the local-ID in the config for the connection.