This article describes how to connect a smartphone or tablet device (iPhone or iPad) to an existent and running IPsec XAUTH installation on the Panda GateDefender eSeries UTM appliances using PSK (password) authentication.
Note: Remember that PSK and certificate-based connections are mutually exclusive, so you can't have both in one single connection. This lesson introduces only the PSK method, which is simpler and the most widely used.
The Panda GateDefender eSeries UTM appliance should run version 5.50 (or higher) of the software, since XAUTH is a feature introduced in that version.
The connection via IPsec XAUTH requires the following data, that should have been previously configured on the VPN/IPsec server:
- The IP address or hostname of the IPsec XAUTH server (i.e., of the Panda GateDefender eSeries UTM appliances where the IPsec server runs).
- The PSK secret, i.e., the password of the IPsec tunnel, that can be retrieved under Menu bar > VPN > IPsec, by clicking on the Edit icon next to the connection, and then looking in the Authentication box.
- The username and password of the XAUTH user; which can be retrieved from Menu bar > VPN > Authentication > Users, and the user must be allowed to use IPsec XAUTH.
You should write the above mentioned data down or remember it, since you will have to enter them in the corresponding configuration sections of your iOS device.
Setup of an IPsec VPN server by default in Panda GateDefender eSeries
Ensure all steps indicated in the article How to configure an IPsec VPN server by default are correctly configured.
Setup of a VPN Connection to the Panda GateDefender eSeries UTM appliance
To configure your Apple device, e.g., iPhone or iPad, you need first to go under General > Network > VPN, then tap Settings, to open the following screen:
Here, tap on VPN to open the screen with the configuration options:
In the configuration window for the VPN connection, carry out the following operations:
- Tap on IPsec. Note that there is no need to specify XAUTH, as it is already implied in Cisco's IPsec.
- Enter a custom description for the connection. This is the name that will be displayed in the list of available VPN connections.
- Enter the IP address or hostname next to Server.
- Tap on Account and enter your username.
- If you want to store your password on the device, tap Password and enter your password.
- Scroll down the screen (see screenshow below), tap Secret and enter your PSK Secret.
- When the configuration has been ended, in the VPN menu, slide to ON the VPN switch to start the connection.