iOS Mobile Config für automatische VPN-Verbindung in fremden WLANs – mit USG IPsec

iOS Mobile Config für automatische VPN-Verbindung in fremden WLANs – mit USG IPsec

Beispielkonfiguration

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<!--
	  iOS configuration profile (.mobileconfig) with a single com.apple.vpn.managed
	  payload: an L2TP VPN whose IPsec layer authenticates with a pre-shared key, plus
	  VPN On Demand rules that bring the tunnel up on Wi-Fi networks other than the
	  listed home SSID.

	  Every "### ... ###" value is a placeholder to fill in before installing.

	  Handling: once filled in, this file holds the IPsec shared secret (Base64 is an
	  encoding, not encryption) and the PPP password as readable text. Treat the
	  completed profile as a credential: do not publish it, and hand it to the device
	  only over a channel you trust.
	-->
	<key>PayloadContent</key>
	<array>
		<dict>
			<!-- IPsec layer of the L2TP tunnel; the VPN On Demand keys also sit in this dict. -->
			<key>IPSec</key>
			<dict>
				<!-- Pre-shared key authentication: every device carrying this profile holds the same secret. -->
				<key>AuthenticationMethod</key>
				<string>SharedSecret</string>
				<key>LocalIdentifierType</key>
				<string>KeyID</string>
				<key>SharedSecret</key>
				<!-- The <data> value must be the Base64 encoding of the shared secret.
				     Base64 only encodes; anyone who can read this file can recover the secret. -->
				<data>
				### Shared Secret ###
				</data>
<!-- VPN On Demand block.
     Rules are evaluated top to bottom and the first rule whose match criteria are met
     decides the action, so the order below matters. -->
<key>OnDemandEnabled</key>
<integer>1</integer>
<key>OnDemandRules</key>
<array>
	<dict>
		<!-- Rule 1: disconnect the VPN on the listed Wi-Fi networks (the home network).
		     NOTE(review): SSIDMatch compares the network name only, and a name is not proof
		     of which network the device actually joined. If that matters, add a second
		     condition to this rule, for example URLStringProbe pointing at an HTTPS URL
		     that only answers inside the home network. -->
		<key>InterfaceTypeMatch</key>
		<string>WiFi</string>
		<key>SSIDMatch</key>
		<array>
			<string>### SSID of my home wifi ###</string>
		</array>
		<key>Action</key>
		<string>Disconnect</string>
	</dict>
	<dict>
		<!-- Rule 2: connect the VPN on any other Wi-Fi connection. -->
		<key>InterfaceTypeMatch</key>
		<string>WiFi</string>
		<key>Action</key>
		<string>Connect</string>
	</dict>
	<dict>
		<!-- Rule 3: do not bring up the VPN on the cellular network; traffic on cellular
		     therefore leaves the device outside the tunnel. -->
		<key>InterfaceTypeMatch</key>
		<string>Cellular</string>
		<key>Action</key>
		<string>Disconnect</string>
	</dict>
<!-- Rule 4: bring up the VPN when names under the listed home-network domains are accessed.
     NOTE(review): this rule has no InterfaceTypeMatch and follows rules that already match
     WiFi and Cellular, so it appears to be reached only on other interface types; confirm
     that this is the intended behaviour. -->
	<dict>
		<key>Action</key>
		<string>EvaluateConnection</string>
		<key>ActionParameters</key>
		<array>
			<dict>
				<key>Domains</key>
				<array>
					<string>*.localdomain</string>
				</array>
				<key>DomainAction</key>
				<string>ConnectIfNeeded</string>
				<!-- RequiredDNSServers lists the IP addresses of the DNS servers expected to
				     resolve the domains above; if they cannot be reached, the VPN is started.
				     NOTE(review): the value should therefore be whichever host answers DNS for
				     *.localdomain inside the home network. Confirm which device that is in your
				     setup before replacing the placeholder. -->
				<key>RequiredDNSServers</key>
                                    <array>
                                        <string>### Here I used the internal IP of USG (192.168.x.x) // pretty sure this is wrong // Maybe insert internal IP of smarthome-server (192.168.x.xx)? ###</string>
                                    </array>
			</dict>
		</array>
	</dict>	
</array>
<!-- End of VPN On Demand block -->
			</dict>
			<key>IPv4</key>
			<dict>
				<!-- 1 = send all traffic through the VPN interface (full tunnel) while connected. -->
				<key>OverridePrimary</key>
				<integer>1</integer>
			</dict>
			<!-- L2TP user credentials and server address.
			     AuthPassword is stored as a readable string in this file. -->
			<key>PPP</key>
			<dict>
				<key>AuthName</key>
				<string>### VPN User Name ###</string>
				<key>AuthPassword</key>
				<string>### VPN Password for User ###</string>
				<key>CommRemoteAddress</key>
				<string>### DynDNS which is configured in USG ###</string>
			</dict>
			<key>PayloadDescription</key>
			<string>VPN-Einstellungen konfigurieren</string>
			<key>PayloadDisplayName</key>
			<string>VPN</string>
			<!-- Identifier and UUID of the VPN payload. These are the example's values;
			     generate your own when reusing the template, because the identifier is what
			     decides whether an installed profile gets replaced. -->
			<key>PayloadIdentifier</key>
			<string>com.apple.vpn.managed.96CBD3FD-18A7-468A-BE47-4AEAD66F376A</string>
			<key>PayloadType</key>
			<string>com.apple.vpn.managed</string>
			<key>PayloadUUID</key>
			<string>96CBD3FD-18A7-468A-BE47-4AEAD66F376A</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<!-- No HTTP or HTTPS proxy is configured for the VPN connection. -->
			<key>Proxies</key>
			<dict>
				<key>HTTPEnable</key>
				<integer>0</integer>
				<key>HTTPSEnable</key>
				<integer>0</integer>
			</dict>
			<key>UserDefinedName</key>
			<string>### Discription (Name) of VPN Connection ###</string>
			<key>VPNType</key>
			<string>L2TP</string>
		</dict>
	</array>
	<!-- Profile-level metadata (the container around the VPN payload). -->
	<key>PayloadDisplayName</key>
	<string>### Name of VPN Connection ###</string>
	<key>PayloadIdentifier</key>
	<string>Sebastian.VPNonDemand.unify</string>
	<!-- false: the user may remove the profile from the device. -->
	<key>PayloadRemovalDisallowed</key>
	<false/>
	<key>PayloadType</key>
	<string>Configuration</string>
	<key>PayloadUUID</key>
	<string>3BBCF4E8-50B6-442B-8662-E0C81527285A</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>