While IPSec VPN configurations vary widely, the following example configuration (used with StrongSwan) is a valid customer-side config:
config setup
uniqueids=never
strictcrlpolicy=no
conn wandera-access
left=%any
leftid=@wpa.wandera.com
leftsubnet=192.168.253.0/24
leftauth=psk
right=aaa.bbb.ccc.ddd
rightid=%any
rightsubnet=0.0.0.0/0
rightauth=psk
auto=add
keyexchange=ikev2Ensure that you update the values for the following fields:
| Field | Description |
|---|---|
right | The IP address you found in a previous step using ifconfig |
rightid | The Customer IKE Domain ID that you configured in Jamf Security Cloud. Many firewalls refer to this value as the "Local ID". For StrongSwan, this may be any |
rightsubnet | The subnets provided in the Application Server IPs or Subnets field when requesting the new gateway. |
right | Used to indicate that connections should be allowed to and from any other IP address from the Jamf Security Cloud infrastructure. Other firewalls may require you to define this as 0.0.0.0/0 |
leftid | This must be set to wpa.wandera.com. Many firewalls refer to this value as the "Remote ID". Also, select "Hostname" (or similar) not "IP" as the remote identifier type if asked to specify one. |
leftsubnet | This corresponds to the "Jamf Security Cloud-Side Subnet" defined in your IPSec configuration in Jamf Security Cloud. This is known as the Remote Subnet or Encryption Domain that defines the networks which are accessible via the IPSec connection. For QuickConnect, this defaults to 192.168.253.0/24 |