Results 1 to 5 of 5
  1. #1
    Newbie
    Join Date
    Aug 2017
    Posts
    5

    Default Apple Configurator 2 - Always on IKEv2 VPN for device filtering

    It took me awhile to get the right settings, so I thought I would share. I have a 14 year old, and my ex-wife decided to get him an unrestricted iPhone. Since the cellular connection totally bypassed my Untangle firewall, I had to figure out a way to filter it without him being able to circumvent it when he is away. The always on VPN policy on the phone ensures that all wifi or cellular traffic from his phone is now filtered by my Untangle firewall. If my Internet goes down, so does his!

    You can use Apple Configurator 2 in conjunction with the IPSec firewall on Untangle to enforce web and application filtering. Apple Configurator defaults to AES256/SHA2-256 which didn't connect to Untangle. These are the settings that worked in Apple Configurator 2:

    Encryption Algorithm: 3DES
    Integrity Algorithm: SHA1-96
    DH Group: 2

    Hope someone finds this useful

  2. #2
    Newbie
    Join Date
    Sep 2020
    Posts
    4

    Default

    Hi Niwrik,

    I'm trying to create a Apple Configurator 2 profile for my son's iPhone 11 so that I can filter his traffic and have literally spent 2 days trying to figure out how to configure it on both the untangle NGFW and on Apple Configurator 2. Funnily enough I was able to set up a vpn profile from iOS and get it working according to the instructions given on the untangle site but the interface on Apple Configurator 2 asks for way more info. Is it possible for you to provide me with a screenshot of your settings(with any private information redacted)?

    Cheers.

  3. #3
    Newbie
    Join Date
    Nov 2020
    Posts
    2

    Default

    I used the Apple Configurator 2 profile and was able to get the VPN working great when the iPhone is on cellular, but it isn't working well on the WiFi. The VPN is connected on Wifi, but I can't get navigate to any websites in Safari.

    I'm curious if you had to specify different settings for Wifi and Cellular in the Apple Configurator 2 profile?

  4. #4
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,606

    Talking Welcome

    ...to Untangle, and the forums!

    Quote Originally Posted by echobravo View Post
    I used the Apple Configurator 2 profile and was able to get the VPN working great when the iPhone is on cellular, but it isn't working well on the WiFi. The VPN is connected on Wifi, but I can't get navigate to any websites in Safari.

    I'm curious if you had to specify different settings for Wifi and Cellular in the Apple Configurator 2 profile?
    In general it is best to start your own thread, you are asking for some troubleshooting in a how-to thread.

    Having said that, If you are trying to get it to work on the Wi-Fi inside the same network (LAN) that the VPN terminates, it won't work. just turn the Wi-Fi off, and use the cell data.

    If you have questions, please do start that new thread.
    Enjoy!

  5. #5
    Newbie
    Join Date
    Nov 2020
    Posts
    2

    Default

    Thanks for the reply Jim. I was hoping that the OP would see my post as they mentioned that they were able to get the IPSec VPN working on Wifi, but you make a great point, perhaps they meant it only works on other WiFi networks separate from the one running the VPN. I'll have to test the iPhone on a separate WiFi to confirm this.
    Jim.Alles likes this.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2