IKEv2 VPN with EAP Authentication from iOS to Vigor Router using Let's Encrypt

DrayOS supports generating Let’s Encrypt certificate function since firmware version 3.9.0. As we know, the certificate signed up by Let's Encrypt is a valid certificate so using Let’s Encrypt certificate on Vigor Router can simplify the VPN configuration for different VPN clients, especially while using IKEv2 VPN with EAP authentication VPN. This article demonstrates how to set up Vigor Router as an IKEv2 VPN server by using the Let’s Encrypt certificate, and how to establish a connection from iOS.

Set Up Vigor Router

1. Select the correct Time Zone and ensure the router system time is correct.

2. Activate the DrayDDNS service on your Vigor Router by referring to the article here.

3. Apply the Let's Encrypt certificate for your DrayDDNS domain name by referring to the article here.

4. Go to VPN and Remote Access >> IPsec General Setup page, select DrayDDNS – the Domain which used for applying Let's Encrypt certificate as Certificate for Dial-in.


5. Go to VPN and Remote Access >> Remote Dial-in User page, click an available index. Edit the profile as follows:

a screenshot of VPN user profile

Connecting from iOS

1. Go to General >> VPN page, and tab Add VPN Configuration.

a screenshot of iOS

2. Configure the VPN as follows:

Published On:2019-03-26 

Was this helpful?