I set this up a few weeks ago on a linux vps I'm using for dev. IPSEC with IKEV2 and certificates. Native clients on windows 10 and Ubuntu laptop (needed a network-manager plugin to be built), and took the shortcut and used the StrongSwan app on android.
The process was complex and there are things I still don't understand but it does work and the documentation and examples are quite comprehensive. The only issue I had with them was they assume a fair amount of familiarity with subjects that I didn't have. I'm mainly a serverside developer not a network admin, and whilst I have a vague understanding of how certs work I didn't have much awareness of VPN protocols or terminology so I had to abuse google pretty thoroughly.
It took about a day to do and I had to watch logs from server and client to figure it out, but it was interesting. I'm still pleased with the results and would recommend the product.
The process was complex and there are things I still don't understand but it does work and the documentation and examples are quite comprehensive. The only issue I had with them was they assume a fair amount of familiarity with subjects that I didn't have. I'm mainly a serverside developer not a network admin, and whilst I have a vague understanding of how certs work I didn't have much awareness of VPN protocols or terminology so I had to abuse google pretty thoroughly.
It took about a day to do and I had to watch logs from server and client to figure it out, but it was interesting. I'm still pleased with the results and would recommend the product.