| 90.5. iPhone/iPad native IPsec VPN client with IKEv2 Mode | ||
|---|---|---|
 | Chapter 90. IPsec clients |  |
| 90.5. iPhone/iPad native IPsec VPN client with IKEv2 Mode | ||
|---|---|---|
| | Chapter 90. IPsec clients | |
This table show the parameters of iPhone/iPad native IKEv2 and their corresponding parameters in Abilis configuration. The information must be inserted in a “mirror” way: i.e. “LOCAL” information for Abilis are “REMOTE” for IKEv2 VPN client and vice versa.
Table 90.6. Checklist of parameters
| The iPhone/iPad native IKEv2 parameter | Abilis IKE Table | Abilis IKE Table parameter |
|---|---|---|
| Server | HOST | LOC-IP |
| Remote ID | HOST | ID |
| Local ID | HOST | PEER-ID |
| Secret | PSK | KEY |
Please enter the following commands to configure the VPN in Abilis. Refer to Section 83.19.1, “How to configure a RAS using IPSEC VPN server” to for the configuration of IPsec and IKE resources.
[14:51:53] ABILIS_CPX:a ike host:1 mode:ike2 locip:80.80.80.80 remip:* side:inside hash:sha256 id-type:FQDN id:abilis peer-id-type:FQDN peer-id:iphone name:iPhone_IKE2COMMAND EXECUTED [14:55:35] ABILIS_CPX:a ike cli:1 host:1 net-loc:0.0.0.0/0 net-rem:10.0.2.1/32 pfs:no esp-auth:sha256 name:iPhone_IKE2_CliCOMMAND EXECUTED [14:55:44] ABILIS_CPX:a ike psk:1 key:24iphone20ike2pskey$ peer-id-type:fqdn peer-id:iphoneCOMMAND EXECUTED
![[Caution]](../images/caution.png) | Caution |
|---|---|
To activate the changes made, execute the initialization command init res:ike. |
To view the configuration made above, use the following commands.
[14:57:49] ABILIS_CPX:d ike host:1 -cli------------------------------------------------------------------------------- HOST: NAME: LIFETIME: HASH: DPD: DPD-ACTION: LOCIP: NATT: MODE: MODE-CFG: DH: DPD-DELAY: REMIP: SIDE: AUTH: AUTH2: CIPHER: SA-TRY: DPD-TOUT: AUTH2-USER: AUTH2-PWD: -- ID ------------------------------------------------------------------- ID-TYPE: IP:/ID: PEER-ID-TYPE: PEER-IP:/PEER-ID: -- RSA Cert ------------------------------------------------------------- CERT-SEND: ASN1-DN: CERT-PEER: PEER-ASN1-DN: CERT-VERIFY: ------------------------------------------------------------------------------- 1 iphone_IKE2 3600 SHA256 YES STOP 080.080.080.080 YES IKE2 MODP2048 30 * INSIDE PSK NO AES256 3 120 -- ID ------------------------------------------------------------------- FQDN abilis FQDN iphone ------------------------------------------------------------------------------- IKE Clients: ------------------------------------------------------------------------------- CLI: NAME: LIFETIME: ESP: AH: HOST: NET-LOC: RULE: PASSIVE: PFS: ESP-AUTH: AH-AUTH: NET-REM: PERMANENT: TUNNEL: ESP-CIPHER: MODE-CFG-DNS: ------------------------------------------------------------------------------- 1 iPhone_IKE2_Cli 28800 YES NO 1 000.000.000.000/00 IPSEC YES NO SHA256 SHA1 010.000.002.001/32 YES YES AES256 SYS ------------------------------------------------------------------------------- [14:57:52] ABILIS_CPX:d ike psk:1------------------------------------------------------------------------------- PSK: KEY: PEER-ID-TYPE: PEER-IP:/PEER-ID: ------------------------------------------------------------------------------- 1 ******** FQDN iphone
To configure an Apple iOS device for IPsec VPN connection with Abilis:
Click the Settings icon on your iOS device.
Then click General:
Click VPN:
Now click Add VPN Configuration:
Now enter the configuration parameters:
Click Done in the upper-right corner and you should now see this screen:
Click the Not Connected slider button and wait for it say Connected. The VPN icon appears in the status bar to indicate that the connection is successful.
In the future, you can turn the VPN on/off very quickly by simply going to Settings > VPN and toggling the slider button.
| |  | |
| 90.4. iPhone/iPad native IPsec VPN client with Aggressive Mode |  | 90.6. Android native VPN Client with IKEv2 Mode |
![[Tip]](../images/tip.png)