Options
VPN requiring no user interaction
Would love to see Watchguard offer a IKEv2 vpn option that used certificates to authenticate instead of username/password combos, but in the meantime has anyone been able to push out credentials to clients? iOS and Win10 specifically
0
Sign In to comment.
Comments
Hi @BenAllgood
Certificates are supported in some circumstances for the IKEv2 VPN:
(Certificates for Mobile VPN with IKEv2 Tunnel Authentication)
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/certificates/authentication_mvpn_ikev2.html
Keep in mind that users will still be required to authenticate -- certificates are basically used to create keying, vice using a preshared key to do it.
If you'd like to use IKEv2 with certificates without the user logging in. I'd suggest having a firewall at each site, and using an IKEv2 Branch Office VPN (site-to-site VPN.)
-James Carson
WatchGuard Customer Support