IPSec VPN Profile for IOS with FW 5.2

Mario
Mario Posts: 106  Ally Member
Zyxel Certified Network Engineer Level 1 - Security First Comment Friend Collector Fifth Anniversary
Hi
I  test the new native IPSec v2 connection to an Ipad with FW 5.2 (great work, BTW 👍)
How can I get the config to my Ipda? At the end of the "quick setup" I can export the config, but can I also get it from the webinterface when I log in with the VPN user?  (self-service)
This was possible with the old L2TP VPN over the "Configuration Provisioning" option.
Currently I don't see an option for this?
Thanks
Mario

Accepted Solution

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,379  Zyxel Employee
    100 Answers 1000 Comments Friend Collector Seventh Anniversary
    Answer ✓
    Hi @Mario
    VPN configuration provision in login portal page only support for IOS, since iPadOS is no belonging to iOS, so the session page will not display the download button to you.

    In 5.20 version, wizard will generates different platform configuration for Windows/IOS/MacOS/Android VPN client. You can download them when creating VPN rule by wizard.


    Also if user could download all of platform VPN configuration after logging into system, then will much friendly. So I reported is as idea as requirement.

All Replies

  • CHS
    CHS Posts: 181  Master Member
    5 Answers First Comment Friend Collector Sixth Anniversary
    It looks you have to add IKEv2 configuration manually....since iPadOS is neither iOS or macOS.
    You can export the certificate from firewall, and open it by Safari.
    And then go to create IKEv2 VPN rule on your iPad after trusting the certificate.
  • Mario
    Mario Posts: 106  Ally Member
    Zyxel Certified Network Engineer Level 1 - Security First Comment Friend Collector Fifth Anniversary
    Hi @CHS
    Thanks for your reply. At 5.2 you have the optoin to export "RemoteAccess_iOS_301.mobileconfig" at the end of the quick setup (small icon on the left side) .
    You can import this file on IOS and just enter username and password, then the vpn works.
    I like to have an option to allow the users to log on on the firewall directly on IOS / Android and get the "RemoteAccess_iOS_301.mobileconfig" or "RemoteAccess_ANDROID_270.sswan" for IOS or Android.




  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,379  Zyxel Employee
    100 Answers 1000 Comments Friend Collector Seventh Anniversary
    Hi @Mario
    VPN configuration provision already supported for IOS. User could download configuration after logging to portal. But doesn't support for Android yet.
    I will report it as idea section for new enhancement in the future.
    Thanks for your feedback. :)

  • Mario
    Mario Posts: 106  Ally Member
    Zyxel Certified Network Engineer Level 1 - Security First Comment Friend Collector Fifth Anniversary
    Hi @Zyxel_Stanley
    This is what I expect, but on my Ipad 6. gen with 15.2.1 with safari I don't have the option to download the profile:


    Is this a bug?
  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,379  Zyxel Employee
    100 Answers 1000 Comments Friend Collector Seventh Anniversary
    Answer ✓
    Hi @Mario
    VPN configuration provision in login portal page only support for IOS, since iPadOS is no belonging to iOS, so the session page will not display the download button to you.

    In 5.20 version, wizard will generates different platform configuration for Windows/IOS/MacOS/Android VPN client. You can download them when creating VPN rule by wizard.


    Also if user could download all of platform VPN configuration after logging into system, then will much friendly. So I reported is as idea as requirement.

Security Highlight