Knowledge Base  >   VPN  > 

IKEv2 VPN from macOS to Vigor Router

This article demonstrates how to set up the Vigor router as a VPN gateway for Remote Dial-in IKEv2 VPN connections, especially from macOS. We will show the necessary configuration of the router and the IKEv2 VPN setup on macOS as well.

Setup on Vigor Router

1. Make sure the router is connected to the Internet and has a public WAN IP address so that VPN clients on the Internet can reach it.

2. Go to VPN and Remote Access >> IPsec General Setup, enter a Pre-Shared Key and Confirm. Then click OK to save.

a screenshot of DrayOS IKE General Setup

3. Go to VPN and Remote Access >> Remote Dial-in User and click on an available index,

  • Check Enable this account
  • At Allowed Dial-In Type, check "IPsec Tunnel"
  • Click OK to save the profile.
screenshot of IKEv2 VPN user setup
  1. Make sure the router is connected to the Internet and has a public WAN IP address so that VPN clients on the Internet can reach it.
  2. Go to VPN / General Setup / IPsec page to enable IPsec service as follows:
    1. Enable IPsec service.
    2. Click Apply to save the profile.

  3. Go to VPN / Teleworker VPN to create Teleworker VPN profile as follows:
    1. Enter Username in Account tab.
    2. Go to Teleworker VPN tab and select Enable.
    3. Enable IPsec in Allowed VPN Protocols and select IKEv1/v2 in Allowed IPsec Protocols.
    4. Enable Specify VPN Peer and enter peer’s IP address in the Remote Client IP.
    5. Enter unique Pre-Shared Key for VPN peer.
    6. Select the LAN subnet assigned to the user.
    7. Click Apply to save the profile.

IKEv2 VPN Setup On macOS

  1. Go to System Preferences >> Network and click '+'
    1. Select VPN for Interface.
    2. Select IKEv2 for VPN Type.
    3. Give a Service Name and click Create.
  2. Type the WAN IP or hostname of the router at both Server Address and Remote ID.
  3. Click Authentication Settings, in the pop-up window:
    1. Select "None" for Authentication Settings.
    2. Type the Pre-shared key configured in the VPN profile for Shared Secret.
    3. Click OK to save and close the window.
  4. Click Apply. Then, click Connect to establish the IKEv2 VPN to Vigor Router.

1. Make sure the router is connected to the Internet and has a public WAN IP address so that VPN clients on the Internet can reach it.

2. Go to VPN and Remote Access >> IPsec General Setup, type Pre-Shared Key. Then, click Apply to save.

a screenshot of Linux IPsec General Setup

3. Go to VPN and Remote Access >> VPN Profiles to add a profile as follows:

  • Check Enable
  • Select "Enable" for Remote Dial-in User
  • Type the LAN network you want the remote host to join at Local IP/Subnet Mask
  • Select "IKEv2" for IKE Protocol
  • Select "PSK" for Auth Type
  • Click Apply to save the profile
a screenshot of Linux IKEv2 User Setup
IKEv2 VPN Setup On macOS

1. Go to System Preferences >> Network and click '+'

  • Select VPN for Interface
  • Select IKEv2 for VPN Type
  • Give a Service Name and click Create
a screenshot of macOS Network settings

2. Type the WAN IP or hostname of the router at both Server Address and Remote ID.

a screenshot of macOS Network settings

3. Click Authentication Settings, in the pop-up window,

  • Select "None" for Authentication Settings
  • Type the Pre-shared key configured on the router for Shared Secret
  • Click OK to save and close the window.
a screenshot of macOS Network settings

4. Click Apply. Then, click Connect to establish the IKEv2 VPN to Vigor Router.

a screenshot of macOS Network settings

Published On: Aug 08, 2017

Was this helpful?   

book icon

Related Articles