WedgeARP™ Secure Home Office IKEv2 Configuration - iOS

IKEv2 VPN protocol is extremely secure while also providing high stability and performance speed. Therefore, it is one of the recommended VPN services for use on your device. This guide will step you through the security certificate installation and IKEv2 setup on the iOS platform. 

Let us begin below:

Installing Digital Certificate

To start, you will need to install an end-user digital certificate onto your device.  Please download the WedgeARP™ - Public Key to send it to your device.  Then, read more below and follow the directions on how to install a digital certificate.

An End User Digital Certificate that contains a public and private key can be installed onto the iPhone or iPad. With the release of iOS 5, the iPhone and iPad now support S/MIME. This means that you can digitally sign and encrypt emails from either device. iOS 5 also has support for client authentication using a certificate. This will enable you to log onto a website that requires a certificate for access. Below are the steps in order to install a digital certificate onto an iPhone.

Note: All screenshots are shown using iOS7. The steps for previous versions of iOS are generally the same.  Later versions of iOS may be slightly different.  WedgeARP Secure Home Office officially supports iOS13 and above.

Let us begin:

1. Open the .pem certificate file using your iPhone by selecting the file. This will start the process to install the certificate as a new profile on your iPhone. In the example below, the *.pem file was included in an email.
   
2. At the Install Profile screen (shown below) press the Install button.
   
3. You will be prompted with a warning message that says, "Installing this profile will change settings on your iPhone." Press the Install Now button.
   
4. If your device has a PIN or passcode set, you may need to enter this in. After that (or if no passcode has been set), then you will be required to enter in the password for the certificate. Using the keyboard provided type in the password into the field. Once you have entered in the password push the Next button at the top beside Enter Password.
   
   
5. The certificate will continue to install. Once it has finished you will be presented with the following screen.
   

You have now installed the Digital Certificate.  You must now manually turn on trust for SSL when you install the profile that was sent to you via email (or downloaded from a website).

If you want to turn on SSL trust for that certificate, go to Settings > General > About > Certificate Trust Settings. Under "Enable full trust for root certificates," turn on trust for the certificate.  As an example, on an iPhone, this would be shown below.

Next, we will proceed to the IKEv2 setup:

1. Go to Settings > General > VPN > Add VPN Configuration...

2. Next, input the following data:

• Type: Select IKEv2
• Description: Enter the connection name, for instance, "warp"
• Server: Enter the server provided in the welcome email by Wedge Networks
• Remote ID: Enter the server provided in the welcome email by Wedge Networks
• User Authentication: Select Username
• Username: Enter the username provided by Wedge Networks
• Password: Enter the password provided by Wedge Networks

When you are finished, click on Done.

3. Now, simply switch the toggle to enable the new VPN connection.

You are now running a VPN connection through the IKEv2 protocol.

Your setup is now complete!

Note:  WedgeARP™ Secure Home Office assigns a static IP address per user tunnel.  A user can only have ONE active tunnel at a time.  The most recent connection will become the active tunnel for the user. 

Caution: Please note that you will need to configure your device using the generated settings by yourself and at your own risk.

Known Issues: Please note that if a version older than iOS13 is being used the WedgeARP Secure Home Office VPN will disconnect after approximately 30 minutes.  This will happen regardless of the phone's connectivity (either cellular or wi-fi).  This is a known issue.  The user will be required to re-connect to the VPN in order to utilized the WedgeARP Secure Home Office service.

For further information or assistance, please contact Wedge Sales Support Centre at: 1-888-276-5356.