In Keenetic routers it is possible to connect to the IPsec Virtual IP server using Xauth PSK authentication to access home network resources. IPsec connection provides absolutely secure access to the home network from a smartphone or tablet: Android and iOS have convenient built-in clients for this type of VPN.
NOTE: Important! The Keenetic router, where the IPsec VPN server will run, must be connected to the Internet with a global IP address, and when using the KeenDNS domain name, it must be configured in Direct Access mode. If any of these conditions are not met, it will not be possible to connect to such a server from the Internet.
To configure the server, it is necessary to install a component of the system 'L2TP/IPsec VPN server'. You can do this on the 'General system settings' page in the 'Updates and component options' section by clicking on 'Component options'.
Then go to the 'Applications' page. Here you will see the 'IPsec VPN server' panel. Click the 'IPsec VPN server' link.
In the 'IPsec VPN server (Virtual IP)' window that appears, specify the security key in the 'Shared IPsec key' field. This security key will need to be specified on the client when configuring the VPN connection.
NOTE: Important! This key is also used by the L2TP/IPsec VPN server.
The 'NAT for clients' option is enabled in the server settings by default. This setting is used to allow VPN server clients to access the Internet.
The total number of possible simultaneous connections is set by the IP address pool size setting. Like the initial IP address, this setting should not be changed unnecessarily.
NOTE: Important! The IP subnet you specify must not match or intersect with the IP addresses of other interfaces of the Keenetic router, as this may result in an IP address conflict.
In the 'Users' section, select the accounts you want to allow access to the VPN server. Here you can also add a new user by specifying a username and password.
After configuring the server, put the switch in the 'Enabled' state.
By clicking on the link 'Connection statistics' you can see the connection status and additional information about active sessions.
When setting up the connection to the VPN server on Android devices, choose the type of VPN connection 'IPsec Xauth PSK', and on iOS devices - 'IPsec'.