Description:

This document describes the configuration steps necessary to set up an IKEv2 VPN connection between a LANCOM router and the Apple VPN client as of MacOS X 10.11 El Capitan.


Requirements:




Procedure:

1) Configuration steps on the router

1.1) Start the Setup Wizard in LANconfig.

1.2) Select the item Provide remote access (RAS, VPN).

1.3) In the next dialog you select the option IKEv2.

1.4) Select the LANCOM Advanced VPN Client for Windows as the VPN client and deactivate the option Speed up your configuration with 1-Click-VPN.

1.5) Enter the name for the VPN connection here (e.g. VPN_MACBOOK)

1.6) Enter the public IP address or public DNS address of the LANCOM router.

1.7) Assign any "Fully Qualified Username" (FQUN) in the form of an E-Mail address and specify a Preshared Key.

Entering the FQUN as an E-Mail address is mandatory as the integrated macOS VPN client will otherwise use the identity type "Fully Qualified Domain Name" (FQDN) and the VPN connection cannot be established in this case.

  • FQUN: vpn@lancom.de
  • FQDN: vpn@lancom

1.8) Here you specify the local IP address to be allocated to the Apple device for its VPN connection.

1.9) The following item optionally allows you to limit the access of the Apple device VPN client to certain networks.

1.10) Deactivate the option to Store profile as LANCOM Advanced VPN Client import file.

1.11) This completes the initial configuration with the Wizard. Close the final dialog window by clicking on Finish.



2) Configuring the VPN client in MacOS X as of version 10.11 El Capitan:

2.1) In the Network configuration dialog window, click on the + button (marked red in the figure below) and select the option VPN type IKEv2.

2.2 Enter the following in the fields server address and local and remote identity (see step 1.7).

2.3) Click the Authentication settings... button.

2.4) Select the option None and enter into the field Key ("shared secret") the character combination that you specified in step 1.7 of the LANCOM configuration.

2.5) Click on the OK button to accept your settings.

2.6) Click on the Connect button to establish the VPN connection.

2.7) The VPN client has now been successfully configured.