Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

BlackBerry® Z10

Reply
New Contributor
aplant3
Posts: 5
Registered: ‎06-17-2013
My Device: Blackberry Z10

Re: VPN using Microsoft IKEv2 protocol don't works

No and I had not installed any certificate when I had tested it on the unit we had from Bell to run our tests.

Please use plain text.
New Contributor
chewpick
Posts: 6
Registered: ‎06-13-2013
My Device: Z10

Re: VPN using Microsoft IKEv2 protocol don't works

I had installed my own certs which have been verified to be valid. That and the issuing CA are both good.
Please use plain text.
Contributor
xM74
Posts: 21
Registered: ‎05-19-2013
My Device: Z10

Re: VPN using Microsoft IKEv2 protocol don't works

[ Edited ]

I'm now under OS 10.1.0.2312 and use PureVPN service. In my case as a solution to make it work I installed two certificates from different VPN provider. One as "Personal Trusted CA" and one as "Personal Client".

After it my VPN started to work as it should. I know that this certificates is not necessary for IKEv2 but it helped. Several people with the same problem reported that this decision helped them.

I have no explanation for this phenomenon.

Don't know will it help in your case but you can try.

Download certificates by this link http://files.mail.ru/F0B7A7B4CA6F44A2AD3B1F296D04B646

That follow this procedure (be carefull).


STEP 1

First we need to import our SSL certificates to your Blackberry device. We can do that on two ways via USB or WiFi.

1. To import the certificate using a USB connection, connect your BlackBerry device to your computer using a USB cable. If necessary, on your computer, enter your device password. Then click on Network , wait some time until your Blackberry device doesn’t show up and double click on device , then double click on Certs folder.

2. Click on Settings icon on your Blackberry device then click on About Tab. After that under Category select Network and write down your IP address . In our example its 192.168.1.131 .
Click again on Settings icon on your Blackberry device then click on Storage and Access tab. Switch “Access Using WiFI” to On. Then setup access password.

If your computer uses a Windows operating system, in a Run command, type the IP address in the following format: \\xx.xxx.xxx.xxx. eg. \\192.168.1.131

If your computer uses a Mac operating system, select Go > Connect to Server. Type the IP address in the following format: smb://xx.xxx.xxx.xxx. eg. smb://192.168.1.131

Open the certs folder. If necessary, enter the username and storage access password. Default username is Blackberry.

STEP 2

Go to folder where you saved our LimyVPN SSL Certificates which we sent you previously. Select both, then click on copy.

STEP 3

Now paste both files into Certs folder of your connected Blackberry Z10 , Blackberry Q10 or any other Blackberry OS 10 device. Go back to your Blackberry Device

STEP 4

On your Blackberry device, click on Settings icon then on Security and Privacy tab. Once inside click on Certificates tab.

STEP 5

Once inside Certificates section click on Import. For Class select “Personal Trusted CA”. Check VPN, Web and Wi-Fi then click Next.  On next screen select caCert.p12 file ONLY then click on Import. When asked for password enter “1234″ without “” to install certificate.

STEP 6

Now click on Back tab, then click again on Import. Under Class select “Personal Client”. Check VPN, Web and Wi-Fi then click Next. On next screen select clientCert.p12 file ONLY then click on Import. When asked for password enter “1234″ without “” to install certificate.

 


I hope that this will help.

In any case please report about results with you OS version and VPN log.

 

 

Please use plain text.
New Contributor
aplant3
Posts: 5
Registered: ‎06-17-2013
My Device: Blackberry Z10

Re: VPN using Microsoft IKEv2 protocol don't works

No certificates added to my BB

Please use plain text.
New Contributor
chewpick
Posts: 6
Registered: ‎06-13-2013
My Device: Z10

Re: VPN using Microsoft IKEv2 protocol don't works

if i set mine to the vpn autoconnect option instead of just seeing unknown error, now i get bad profile parameters and it actually shows up in the log. but still nothing useful in there besides that. I really hope they fix this.
Please use plain text.
Contributor
xM74
Posts: 21
Registered: ‎05-19-2013
My Device: Z10

Re: VPN using Microsoft IKEv2 protocol don't works

"Bad profile parameters" for me was resolved by installing certificates as I wrote before.

Please use plain text.
New Contributor
aplant3
Posts: 5
Registered: ‎06-17-2013
My Device: Blackberry Z10

Re: VPN using Microsoft IKEv2 protocol don't works

I have asjked the people in charge of VPN and they said they had no certificate for me to load. A bit weird :smileywink:

Please use plain text.
New Contributor
chewpick
Posts: 6
Registered: ‎06-13-2013
My Device: Z10

Re: VPN using Microsoft IKEv2 protocol don't works

[ Edited ]

Success!!  I am able to use my IKEv2 using my own root CA, and vpn cerficates.

 

So here's what I did after recreating a fresh VPN profile. (doubt this is necessary)

 

1. I noticed on my device at least that after updating to 10.1 that my root CA cert was missing, although the VPN cert was still there. wierd.

 

2. re-imported the root CA cert by redumping the .cer file into the certs share via wifi.

 

3. Instead of using the VPN cert in the Microsoft IKEV2 VPN Profile where it says Gateway CA certificate, I changed this to the Root CA's cert from the dropdown list. (my server address at the top does match the name of my vpn cert)  THIS IS THE IMPORTANT PART.  Even with the root CA cert imported, leaving this section configured with the VPN Cert will not work.

 

4. turned off the home wifi connection so that I could connect though my cell network.

 

5. Left all my other settings the same,

 - GW type: Microsoft IKEv2 VPN Server

 - Authen Type: EAP-MSCHAPv2

 - Authen ID Type: Fully Qualified Domain Name

 - Auth ID :   DOMAIN\Username

 - pass etc..

 - Gate Auth Type: PKI

 - Gate Auth ID Type: Identity Certifcate Distinguished Name

 - Gateway CA Cert : Root CA Cert (NOT the VPN Cert)

 

Upon connecitng, everything just worked. YAY!! I hope this helps others out there.

 

 

Please use plain text.
Contributor
xM74
Posts: 21
Registered: ‎05-19-2013
My Device: Z10

Re: VPN using Microsoft IKEv2 protocol don't works

Sure. See my post below with link to certificates and installation procedure.

Also you may use your own certificates as chewpick said.

Please use plain text.
Contributor
xM74
Posts: 21
Registered: ‎05-19-2013
My Device: Z10

Re: VPN using Microsoft IKEv2 protocol don't works

Great news. As for me - I using 'All CA Certificates' as 'Gateway CA Cert '.

Please use plain text.