DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

IPSEC IKE x509 VPN Client to Router on Android

  • tekwipz
  • Topic Author
  • Offline
  • New Member
  • New Member
More
28 Sep 2018 19:53 #93068 by tekwipz
Hi there, I am trying to set up an IPsec VPN tunnel with x509 user certs on a Draytek Vigor 2860 router. I have created a self signed CA cert but in Android the options for VPN under IPSEC XAuth RSA requires a local cert and I can't find a way to export this from the root, I can only view the cert, please help.

Thanks

Please Log in or Create an account to join the conversation.

More
02 Nov 2018 01:12 #93266 by hornbyp
To get certificates out of the 2860, you have to do a bit of cut-and-paste from the screen ... there is no export function.

Copy the 'PEM Format Content' from the "View" screen and write it to a .CER file. This can be converted to DER or Base-64 encoded .CER format, or PKCS #7 (.P7B) on WIndows, using the 'certificate viewer'.
(This is the default File Assocation for .CER files - aka rundll32 cryptext.dll,CryptExtOpenCER xxxxxxx.cer)

However, note that any certificate generated on the 2860, is meant to identify the 2860 to another system ... it's not meant for any other system to use as its certificate.

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami