Setting up IKEv2 on pfsense firewall
-
hi all,
i have followed this guide -
https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2
and im stuck on what cert to install to my mobile/computer etc
is it the certificate authority (CA) or the server certificate (SC), ie the router one or the ikev2 one?
cheers,
rob
-
You need to add the certificate used to sign the server certificate to the client's trusted root store. The CA certificate. The one that shows as Issuer in the certificates view in certificate manager for the certificate used as My Certificate in the IKEv2 config.
-
mmm…
is this the router cert or the one i make for the ikev2?
-
mmm…
is this the router cert or the one i make for the ikev2?
The one that shows as Issuer in the certificates view in certificate manager for the certificate used as My Certificate in the IKEv2 config.
-
is there a way to set up an IKEv2 server on pfsense without my user having to install certs on his device
just by typing in a username and password to authenticate and way you go
-
Are your systems in a domain environment? If do you can push very via group policy.