Vigor3900 and Vigor2960 support IKEv2 with EAP authentication since firmware version 1.4.0. It can make IKEv2 VPN even more secure by additional username and password authentication and certificate verification. This article demonstrates how to create a self-signed certificate for server authentication, set up Vigor Router an IKEv2 VPN server, and how to establish a connection from Windows by Smart VPN Client v5.2.0.
1. Go to Certificate Management >> Trusted CA, click Build RootCA
2. Click Download to export the Root CA, which will need to be installed to the VPN client.
3. Go to Certificate Management >> Local Certificate, click Generate:
4. Go to User Management >> User Profile to add a user profile:
5. Go to VPN and Remote Access >> VPN Profiles >> IPsec to add a profile:
1. Open RootCA and install it.
2. Place it in Trust Root Certificate Authorities
3. Confirm the certificate is installed successfully
4. Run Smart VPN client and Add a profile:
5. Switch on Connect and then we can check VPN status when it's connected
Was this helpful?