Introduction:
This configuration guide describes how to configure IPsec IKEv2 Remote Access VPN by Window Client on Window OS to establish VPN connections. After that, the customer can access virtual machines and applications located on the HGIO Cloud with more security and reliability.
Setup IPSec IKEv2 Remote Access VPN
I. Setup VPN Windows Client
Configuration VPN Profile for Windows client
Open PowerShell with Administrator permission.
Copy and paste the information below into PowerShell (replace red word xxxx by your domain name).
Add-VpnConnection -Name "HI-GIO-IKEv2-VPN" -ServerAddress " remote-xxxxx.xxxx01.vpn.higio.net " -TunnelType "Ikev2"
Set-VpnConnectionIPsecConfiguration -ConnectionName "HI-GIO-IKEv2-VPN" -AuthenticationTransformConstants GCMAES128 -CipherTransformConstants GCMAES128 -EncryptionMethod GCMAES128 -IntegrityCheckMethod SHA256 -PfsGroup "PFS2048" -DHGroup "Group14" -PassThru -Force
2. Enable VPN split tunneling in Windows client.
Virtual private network (VPN) split tunneling lets you route some of your application or device traffic through an encrypted VPN, while other applications or devices have direct access to the internet.
Copy and paste the information below into PowerShell.
Set-VPNconnection -name "HI-GIO-IKEv2-VPN" -SplitTunneling $true
3. Adds a route to a VPN connection.
Add a VPN connection route for subnet (example: 10.16.1.0/24). If we need to add an additional another subnet, perform the same way and replace it with the new subnet.
Copy and paste the information below into PowerShell.
Add-VpnConnectionRoute -ConnectionName "HI-GIO-IKEv2-VPN" -DestinationPrefix "10.16.1.0/24" -PassThru
4. Connect VPN from Windows Client.
Login to the account with the username and password that were provided, then click OK.
The VPN connection was established successfully.
Using the ping command line, confirm that you are connected to the application located on the HGIO Cloud.
