Help setting up on-demand VPN in iOS 8.
What is On-Demand VPN? from http://www.enterpriseios.com/wiki/On_Demand_VPN_Explained
1. It allows administrators to define a Hosts Domain realm behind which all hosts must be accessed via a VPN connection.
2. Whenever an application try to access one of the server behind that realm, the iOS device automaticaly starts the VPN tunnel.
Hardware I used: Asus RT-AC87R with the latest AsusWRT-Merlin and iPhone 6 plus with iOS 8.1
The sites and steps I used to set it up:
1. https://github.com/RMerl/asuswrt-merlin/wiki/Generating-OpenVPN-keys-using-Easy-RSA
Go through and generate the OpenVPN Keys using this guide. Once generated don't log out of SSH and use the following to generate a p12 file.
Convert your certificate and key files into PKCS#12 form using this openssl command (where cert, key, and ca are your client certificate, client key, and root CA files).
2. http://www.derman.com/blogs/Begin-Configuration-Profile-Setup
and then move on to
http://www.derman.com/blogs/iOS-OpenVPN-OnDemand-Setup
(on the Apple Developer site below go to VPN Payload and On Demand Rules Dictionary Keys sections) https://developer.apple.com/library....html#//apple_ref/doc/uid/TP40010206-CH1-SW27
Now, the issue I'm having. Generating the connection on demand. When I turn on the VPN in settings it connects right away and stays connected. Why isn't it only connecting when I try to access a domain on the domains list. Below is the code from my .mobileconfig file after exporting from Apple Configurator and editing according to the site in step 2.
What is On-Demand VPN? from http://www.enterpriseios.com/wiki/On_Demand_VPN_Explained
1. It allows administrators to define a Hosts Domain realm behind which all hosts must be accessed via a VPN connection.
2. Whenever an application try to access one of the server behind that realm, the iOS device automaticaly starts the VPN tunnel.
Hardware I used: Asus RT-AC87R with the latest AsusWRT-Merlin and iPhone 6 plus with iOS 8.1
The sites and steps I used to set it up:
1. https://github.com/RMerl/asuswrt-merlin/wiki/Generating-OpenVPN-keys-using-Easy-RSA
Go through and generate the OpenVPN Keys using this guide. Once generated don't log out of SSH and use the following to generate a p12 file.
Convert your certificate and key files into PKCS#12 form using this openssl command (where cert, key, and ca are your client certificate, client key, and root CA files).
Code:
openssl pkcs12 -export -in [B]cert[/B] -inkey [B]key[/B] -certfile [B]ca[/B] -name MyClient -out client.p122. http://www.derman.com/blogs/Begin-Configuration-Profile-Setup
and then move on to
http://www.derman.com/blogs/iOS-OpenVPN-OnDemand-Setup
(on the Apple Developer site below go to VPN Payload and On Demand Rules Dictionary Keys sections) https://developer.apple.com/library....html#//apple_ref/doc/uid/TP40010206-CH1-SW27
Now, the issue I'm having. Generating the connection on demand. When I turn on the VPN in settings it connects right away and stays connected. Why isn't it only connecting when I try to access a domain on the domains list. Below is the code from my .mobileconfig file after exporting from Apple Configurator and editing according to the site in step 2.
Code:
<key>OnDemandRules</key>
<array>
<dict>
<key>Action</key>
<string>EvaluateConnection</string>
<key>ActionParameters</key>
<array>
<dict>
<key>Domains</key>
<array>
<string>10.0.1.*</string>
</array>
<key>DomainAction</key>
<string>ConnectIfNeeded</string>
</dict>
</array>
</dict>
</array>
