Skip to content
This repository has been archived by the owner on Jun 4, 2021. It is now read-only.

Add instructions for OpenConnect app on Android. #1440

Open
wants to merge 12 commits into
base: master
Choose a base branch
from
27 changes: 27 additions & 0 deletions playbooks/roles/openconnect/templates/instructions.md.j2
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,33 @@ Client certificates are a mechanism by which clients can authenticate themselves
<a name="android"></a>
### Android ###
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

<a name="android-openconnect"></a>
### Android OpenConnect ###


1. Download a [client certificate file](#clientcerts) from the list above.
1. Download [OpenConnect](https://play.google.com/store/apps/details?id=app.openconnect) from Google Play.
1. Launch the application.
1. Tap the *+* icon to add a new VPN.
1. Enter `{{ streisand_ipv4_address }}:{{ ocserv_port }}`.
1. Tap *CA certificate*.
1. Find the server certificate file you downloaded (ca.crt) and tap it. Most likely it is in the Download folder if you downloaded it using the browser on your phone.
1. Tap the *Select* button at the bottom of the screen.
1. Tap *User certificate*.
1. Find the client certificate file you downloaded and tap it.
1. Tap the *Select* button at the bottom of the screen.
1. Tap *Private key*.
1. Tap the same client certificate file you selected for *User certificate*.
1. Tap the *Select* button at the bottom of the screen.
1. Tap the Back button.
1. You should see an entry under the *PROFILES* section.
1. Tap that entry.
1. First time only:
1. Accept the Connection Request dialog that Android displays.
1. You will be prompted *Enter PKCS#12 pass phrase:*. Enter the password for the client certificate that you downloaded. Note: You may receive an error during this phase. If so, try again a couple of times.
1. You will be prompted *Certificate warning*. Tap *Always connect.*
1. Each time you connect:
1. You will be prompted *Please select your group.* The correct default has already been chosen. Tap *OK*.
1. You should be good to go! You can verify that your traffic is being routed properly by [looking up your IP address on DuckDuckGo]({{ streisand_my_ip_url }}). It should say *Your public IP address is {{ streisand_ipv4_address }}*.

Alternate instructions using Cisco AnyConnect, in case the above instructions fail:
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

<a href="android-anyconnect"></a>
### Android AnyConnect ###
Alternate instructions using ....


1. Download [Cisco AnyConnect](https://play.google.com/store/apps/details?id=com.cisco.anyconnect.vpn.android.avf) from Google Play.
1. Launch the application.
1. Tap *OK* to accept the "Supplemental End User License Agreement for AnyConnect&reg; Secure Mobility Client vx.x and other VPN-related Software".
Expand Down