IKEv2 VPN protocol is extremely secure while also providing high stability and performance speed. Therefore, it is one of the recommended VPN services for use on your device. This guide will step you through the security certificate installation and IKEv2 setup on the Android platform.
Let us begin below:
1. First, you should download the security certificate provided by Wedge Networks.
You can download the Certificate (WedgeARP™ - Public Key - .cer or .pem) to your file manager on your device.
Unless you choose to save it to a different folder, the certificate should save to your Downloads folder.
2. Next, navigate to the GooglePlay store, then download and install the strongSwan VPN Client application (recommended).
3. Once it is installed, open the application.
4. It will open up the following screen.
5. Click on "Add VPN Profile" and enter the following:
6. Next, in the CA certificate section, click on Select CA Certificate. Another window will pop up. Click on "Import certificate".
7. Navigate to the Downloads folder or other folder that you had saved the security certificate in Step 1. Choose the security certificate and click on "Import Certificate".
8. The certificate will now be found under the Imported tab. Click on the Wedge Networks certificate and you will return to the previous page.
9. The Wedge Networks certificate will now populate that field. You can click on the "Select Automatically" box and then Save the VPN profile.
10. The VPN profile will then show up in the available VPN listings.
11. Click on the WedgeARP VPN setup and a pop-up box will appear asking you to allow the "strongSwan VPN Client" to create a VPN connection. Click on "Always Allow".
12. Install the certificate (.cer or .pem file downloaded previously, above) so that it will be used for all apps. Open your android device's Settings window and search for Install from devices storage. Select the .cer or .pem certificate that you had previously saved to your device and click on Done. Then, enter the name of the certificate. Make sure that you choose to use the certificate for VPN and apps and then click on OK to install the certificate.
Make sure that the certificate is there in the View Security Certificates - User tab.
13. Finally, Restart your Android device for these changes to take effect.
You are now running a VPN connection through the IKEv2 protocol.
NOTE: For those using the Mozilla Firefox browser, you will need to install the Wedge Security certificate directly into Firefox as well, as it uses its own trust store. To do this, follow the instructions on this page.
Note 2: WedgeARP™ Secure Home Office assigns a static IP address per user tunnel. A user can only have ONE active tunnel at a time. The most recent connection will become the active tunnel for the user.
Note 3: Please note that when using WedgeARP™ Secure Home Office over some LTE operators with dual-stack (IPv4/v6) networks, users may need to reduce the MTU (Maximum Transmission Unit) size settings on their devices, otherwise they may face degraded performance. Please use the following instructions to reduce MTU size settings so as to minimize this performance degradation.
On Android devices using the strongSwan VPN client (detailed above), MTU settings can be changed in the settings section "MTU of VPN tunnel device". Users simply need to change the value in this setting to "1358" or lower and then save.
Caution: Please note that you will need to configure your device using the generated settings by yourself and at your own risk.
For further information, please contact Wedge Sales Support Centre at: 1-888-276-5356.