After you create an IPsec-VPN server, you must configure a mobile client before you
can establish IPsec-VPN connections between the mobile client and Alibaba Cloud.
Prerequisites
Before you start, make sure that the following requirements are met:
- An IPsec-VPN server is created. For more information, see Work with an IPsec client.
-
The following information is obtained in the VPN Gateway console:
- The public IP address of the VPN gateway that is associated with the IPsec-VPN server.
- The version of the IKE protocol used by the IPsec-VPN server.
- The pre-shared key used by the IPsec-VPN server.
Configure an iOS client
IPsec-VPN servers support only mobile phones that run an iOS operating system. In
this topic, iOS 14 is used as an example to describe how to configure a mobile client.
- Open Settings on your mobile phone.
- Choose .
- On the Add Configurations page, set the following parameters.
- Type: Select a VPN protocol.
The IKE version that you set for this parameter must be the same as that of the IPsec-VPN
server.
- Description: Enter a description for the VPN.
- Server: Enter the public IP address of the VPN gateway to which you want to connect by using
the mobile client.
- Remote ID: Enter the public IP address of the VPN gateway to which you want to connect by using
the mobile client.
- Local ID: Enter the identifier of the mobile client. You can leave this parameter empty.
- User Authentication: Select None.
- Use Certificate: Turn off the switch.
- Secret: Enter the secret that is used for identity verification between the IPsec-VPN server
and the mobile client. An IPsec-VPN connection can be established only when both ends
use the same secret.
In this example, the pre-shared key of the IPsec-VPN server is used.
- Proxy: Select Off.
- Click Done.
- On the VPN page, select the VPN configuration and turn on the Status switch.
If the status displays Connected, it indicates that the IPsec-VPN connection is established.