The following is an example of configuring IKEv2 on a PfSense:
To Add IPSec Tunnel:
VPN -> IPsec+ Add P1 and fill out form2.1 General Information
Disabled: Leave unchecked (default)
Key Exchange version: IKEv2
Internet Protocol: IPv4
Interface: WAN
Remote Gateway: warp.sho.wedgenetworks.com
Description: WARP
2.2. Phase 1 Proposal (Authentication)
2.2.2 IKEv2 Authentication
Authentication Method: Mutual PSK
My identifier: User distinguished name
Peer identifier: Peer IP address
Pre-Shared Key: #Enter Pre-Shared Key password provided by Wedge Networks#
2.3 Phase 1 Proposal (Algorithms)
Encryption Algorithm: AES 256 bits
Hash Algorithm: SHA256
DH Group: 2 (1024 bit)
Lifetime (Seconds): 480
2.4 Advance Options
Disable rekey: Click checkbox to enable Disable rekey
Disable Reauth: Click checkbox to enable Disable Reauth
Responder Only: Leave unchecked (default)
MOBIKE: Disable
Split connections: Leave unchecked (default)
Dead Peer Detection: Click checkbox to enable Dead Peer Detection
Delay: 10 (default)
Max failures: 5 (default)
Click 'Save' button to save IPSec configuration.
Note: WedgeARP™ Secure Home Office assigns a static IP address per user tunnel. A user can only have ONE active tunnel at a time. The most recent connection will become the active tunnel for the user.
Caution: Please note that you will need to configure your device using the generated settings by yourself and at your own risk.
For further information, please contact Wedge Sales Support Centre at: 1-888-276-5356.