Question

How To Set Up IKEv2 VPN with StrongSwan & Certificate Authentication

Posted December 28, 2021 176 views
UbuntuSecurityVPNUbuntu 20.04

Hi, I successfully followed the above tutorial to create a VPN with EAP authentication on Ubuntu 20.04. However, iOS only seems to allow their VPN-on-demand feature (to keep the connection alive) for connections with certificate-based authentication, so I did some research, but couldn’t really find any answers to achieving this that I could easily understand/implement.

Any help with switching the authentication in this scenario to use certificates would be greatly appreciated :)

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hi there,

I have not personally set that up in quite a while, but what I could suggest is to follow the steps from the official documentation here:

https://docs.paloaltonetworks.com/globalprotect/8-1/globalprotect-admin/authentication/set-up-authentication-for-strongswan-ubuntu-and-centos-endpoints/enable-authentication-using-a-certificate-profile.html

This also includes instructions for Ubuntu.

Hope that this helps.
Regards,
Bobby