Contents

Related Topics

Configure Android Devices for Mobile VPN with IKEv2

To configure a VPN connection between your Android device and a Firebox, we recommend the free strongSwan app. Recent Android versions do not include native support for IKEv2 VPNs.

To add the VPN connection on your device, you can use the WatchGuard automatic configuration script or manually configure settings on the device.

Mobile VPN with IKEv2 is supported on Fireboxes with Fireware v12.1 and higher.

WatchGuard provides interoperability instructions to help our customers configure WatchGuard products to work with products created by other organizations. If you need more information or technical support about configuring a non-WatchGuard product, see the documentation and support resources for that product.

Automatically Configure VPN Settings

To configure a VPN connection with the WatchGuard automatic configuration script, you must download a compressed .TGZ file from your Firebox. This file contains instructions and configurations scripts for various operating systems. For information about how to download this file, see Configure Client Devices for Mobile VPN with IKEv2.

The automatic configuration script creates a new IKEv2 VPN profile in the strongSwan app on your Android device. It also installs the required CA certificate for the VPN connection.

To add a new VPN profile to the strongSwan app with the automatic configuration script:Closed
  1. Download and install the strongSwan VPN client from the Google Play store.
  2. Download or copy the WG IKEv2.sswan file to the local storage on your Android device.
  3. Open the strongSwan VPN client and select the three vertical dots at the top right next to the Add VPN Profile option.
  4. Select Import VPN profile.
  5. Browse to the WG IKEv2.sswan file.
  6. To import the WG IKEv2.sswan file, select it.
  7. (Optional) Type your user name and password.
  8. Select the Import option at the top right.
  9. To initiate an IKEv2 PN connection to the Firebox, select the new IKEv2 profile that you added.

Manually Configure VPN Settings

To manually add a new VPN profile to the strongSwan app:Closed
  1. Download or copy the rootca.crt or rootca.pem certificate file to the local storage on your Android device.
  2. Browse to the rootca.crt or rootca.pem certificate file.
  3. To install the certificate, tap the rootca.crt or rootca.pemfile.
  4. Type a name. For example, type WG IKEv2 CA.
  5. Click OK.
  6. To verify that the certificate was installed, select Settings > Security > Trusted Credentials > User.
  7. Download and install the strongSwan VPN client from the Google Play store.
  8. Open the strongSwan VPN client and select the Add VPN Profile option.
  9. To configure the VPN, specify this information:
    • Server — Host name or IP address of the server
    • VPN Type — Firebox IKEv2 EAP (Username/Password)
    • Username — Your Firebox username
    • Password — Your Firebox password
    • CA Certificate — Select automatically
    • Profile Name — A name for the VPN
  10. Click Save.
  11. To start a VPN connection to the Firebox, select the new IKEv2 profile that you added.

See Also

About Mobile VPN with IKEv2

Configure Client Devices for Mobile VPN with IKEv2

Configure iOS and Mac OS Devices for Mobile VPN with IKEv2

Configure Windows Devices for Mobile VPN with IKEv2

 

Give Us Feedback     Get Support     All Product Documentation     Technical Search

© 2018 WatchGuard Technologies, Inc. All rights reserved. WatchGuard, the WatchGuard logo, WatchGuard Dimension, Firebox, Core, Fireware, and LiveSecurity are registered trademarks or trademarks of WatchGuard Technologies in the United States and/or other countries.