Configuring IPsec IKEv2 Remote Access VPN Clients on Ubuntu¶
This document demonstrates how to configure an IKEv2 EAP-MSCHAPv2 or EAP-RADIUS connection on Ubuntu. This procedure was performed on Linux Mint 20.2 but the procedure is identical on most recent similar distributions.
Before starting, install network-manager-strongswan and
strongswan-plugin-eap-mschapv2 using apt-get or a similar mechanism.
Setup the VPN Connection¶
Copy the CA Certificate for the VPN from the firewall to the workstation
Click the Network Manager icon in the notification tray by the clock
Note
The icon varies depending on the type of network in use.
Click Network Connections
Click Add
Select IPsec/IKEv2 (strongswan) under VPN as shown in Adding an IKEv2 VPN on Ubuntu
Adding an IKEv2 VPN on Ubuntu¶
Note
If the option is not present, double check that
network-manager-strongswanis installed.Click Create
Select the VPN Tab
Set the fields as follows:
- Connection Name
A name for this connection,
ExampleCo Mobile VPN.- Address
The Address of the firewall,
vpn.example.com.- Certificate
Click the field and browse to find the downloaded CA Certificate file.
- Authentication
EAP
- Username
The username to be used for this connection,
alice.- Password
Click the icon in the Password field and select the desired action. The default behavior is to ask for the password on every connection.
To store the password, pick one of the options which allow storing the value then set it in this field.
- Request an inner IP address
Checked
Compare the settings to those shown in figure Ubuntu VPN Client Settings
Click Save
Click Close
Ubuntu VPN Client Settings¶
Connecting and Disconnecting¶
To Connect:
Click the Network Manager icon
Click the VPN Name or click VPN Connections to move the slider to the On (1) position
Note
If a password prompt does not appear, the network manager service may need restarted or a reboot of the workstation may be necessary.
To Disconnect:
Click the Network Manager icon
Click VPN Connections to move the slider to the Off (0) position