BlackBerry OS 10 » History » Version 5
Version 4 (ValdikSS ValdikSS, 02.10.2015 23:44) → Version 5/8 (Noel Kuntze, 03.10.2015 00:41)
h1. BlackBerry OS 10
Blackberry 10 supports IKEv2 with PSK, PKI, EAP-TLS and EAP-MSCHAPv2 authentication. You should choose "Generic IKEv2 VPN Server" as a gateway type.
Server could be authenticated by IPv4 address, FQDN, Email in certificate, General or Distinguished name.
For BlackBerry OS 10 to accept a server certificate, it has to contain the serverAuth flag in the EKU (Extended Key Usage) field.
A client certificate needs to have clientAuth set in the EKU field.
Works fine with the following config:
<pre>
conn %default
# left - local (server) side
left=%any
leftauth=pubkey
leftcert=your_cert.crt
leftsendcert=always
leftsubnet=0.0.0.0/0
# right - remote (client) side
right=%any
rightauth=pubkey
rightsourceip=192.168.103.0/24
rightdns=8.8.8.8
conn ikev2-pubkey
keyexchange=ikev2
auto=add
</pre>
Blackberry 10 supports IKEv2 with PSK, PKI, EAP-TLS and EAP-MSCHAPv2 authentication. You should choose "Generic IKEv2 VPN Server" as a gateway type.
Server could be authenticated by IPv4 address, FQDN, Email in certificate, General or Distinguished name.
For BlackBerry OS 10 to accept a server certificate, it has to contain the serverAuth flag in the EKU (Extended Key Usage) field.
A client certificate needs to have clientAuth set in the EKU field.
Works fine with the following config:
<pre>
conn %default
# left - local (server) side
left=%any
leftauth=pubkey
leftcert=your_cert.crt
leftsendcert=always
leftsubnet=0.0.0.0/0
# right - remote (client) side
right=%any
rightauth=pubkey
rightsourceip=192.168.103.0/24
rightdns=8.8.8.8
conn ikev2-pubkey
keyexchange=ikev2
auto=add
</pre>