1. fastberrytxt's Avatar
    Hello guys,

    I might not look like much to a bunch of you but I had to do a LOT of websearch and trial / error to figure out how to setup a VPN that would be compatible with BB10 OS 10.2.1 (hopefully with 10.3 as well)

    We are a small business and do not own any Cisco ASA / PIX router. We had tried the Generic Configuration with a lot of small routers like RV042 and Netgear and couldn't get anything to work.

    So here's the easiest setup I found:

    1) We used a Dell server we already had and that was not in use.
    2) We installed IPFIRE (Similar to IPCOP) on it and configured it with a RED (Internet Interface) and GREEN(Local Interface). We also generated the IPSec certificates using the web interface under Services -> IPSec
    3) When it came down to finishing the setup, we had to use SSH
    4) vi /etc/ipsec.conf

    Here's the conf for BB10:
    conn BB10
    left=%any
    leftsubnet=0.0.0.0/0
    right=%any
    rightsourceip=192.168.2.0/24
    rightid=my_email_address
    rightauth=psk
    leftauth=pubkey
    leftcert=/var/ipfire/certs/hostcert.pem
    auto=add

    5) Make sure you change the /etc/ipsec.secret to reflect your gateway hostname or ip and the PSK for your client email address:
    hostname my_email_address : PSK 'mysecretkey'

    6) Restart ipsec: /etc/init.d/ipsec restart
    7) Go to the web interface and download the Genereted server keys. Do no click save in the web interface in the IPSec Section or your SSH setting will be overwritten
    8) Download the certificates on your media card or BB. Go to Settings -> Security and Privacy -> Certificates -> Click the + for Import. and import the certificates.
    9) On your BB: Go to Settings -> Network Connections -> VPN -> Add
    10) Here's the Conf:
    Server Address: You host IP/name
    Gateway Type: Generic IKEv2 VPN Server
    Auth Type: PSK
    Auth ID Type: Email Address
    Auth ID: You email used in the ipsec conf
    Preshared Key: Your secret key from you ipsec conf
    Gateway Auth Type: PKI
    Gateway Auth Type ID: Identity Certificate Disting...
    Gateway CA Certificate: The one you have just imported should be in the list
    Perfect Forward Secrecy: ON
    Auto IP: On
    Auto DNS: On
    Auto Algorithm: On
    IKE Lifetime: 86400 (or what you have previouly configured)
    IPSec Lifetime: 3600 (or what you have previouly configured)
    Nat Keep Alive: 120
    DPD: 240
    Use Proxy: Off

    I hope it helps some people to setup a VPN for their BB10. There's not a lot of documentation online about it. It would be great if BB could support OpenVPN in their next release.

    Thanks.
    Searchy and Minhaaj Rehman like this.
    09-30-14 07:13 AM
  2. hamsterwheel's Avatar
    That's a great tutorial. Thanks for taking the time.
    10-06-14 06:44 PM

Similar Threads

  1. What Blackberry Blend means going forward
    By jefbeard911 in forum BlackBerry 10 OS
    Replies: 9
    Last Post: 10-01-14, 12:58 PM
  2. BlackBerry Passport very warm and crashing
    By Leatherfacez10 in forum BlackBerry Passport
    Replies: 15
    Last Post: 09-30-14, 02:30 PM
  3. The killer screen settings combo !
    By Superfly_FR in forum BlackBerry Passport
    Replies: 14
    Last Post: 09-30-14, 02:21 PM
  4. my blackberry phone gives error message "app error 523"
    By CrackBerry Question in forum Ask a Question
    Replies: 1
    Last Post: 09-30-14, 07:53 AM
  5. Blend it like BlackBerry
    By lp2586 in forum BlackBerry Z30
    Replies: 2
    Last Post: 09-30-14, 07:42 AM
LINK TO POST COPIED TO CLIPBOARD