How to setup Blackberry Playbook VPN
April 19, 2011
Blackberry have graced the IT and Business professionals with a built-in VPN client for your Playbook, allowing you to securely access and browse your corporate information.
Supports VPN for Cisco ASA, CheckPoint, Juniper and much more. “NO SSL-VPN YET :(“
So what’s required?
-> You need a VPN gateway or internet router that supports VPN.
-> You need to configure individual users and passwords to authenticate playboks onto your network.
-> You need a Blackberry Playbook duh, thats connected via Wifi, Tethered 3G phone or via your BES.
* Use WiFi only before you attempt to VPN, Ensure Internet Tethering Turned off when in Bridged mode with your device.
* If you’re in bridged mode with your BES mobile device and have Internet Tethering On. Use your Bridge Browser application and not establish a VPN. This will also allow you to access internal websites and internet.
So how do I do it?
You need to have a VPN solution in place already.
If you use Cisco ASA here’s a quick video on Easy VPN -> http://www.youtube.com/watch?v=aINAoLdVBt4
-> Go to Settings
-> Navigate to “Security”
-> Add New VPN Profile
-> Specify & Add New VPN Profile Settings
1. Unfourtunately you can’t enter your dns name of your vpn. for example “myvpn.website.com”, you need to specify and IP address. To find this you need to go to http://www.kloth.net/services/nslookup.php and type in your vpn domain name. This will give you an IP address to specify as the gateway address.
2 Ensure you select your VPN profile that matches your VPN technology.
-> Select an Authentication Type
Blackberry Playbook supports some of the best authentication types the industry has to offer. Do your homework which authentication type is suitable for your organisation or business.
Also check VPN crypto support -> http://docs.blackberry.com/en/admin/deliverables/27308/VPN_crypto_support_1576169_11.jsp
Hybrid Auth and XAuth are extensions to the Internet Key Exchange (IKE) protocol. IKE is an important element of PKI that defines how security credentials are exchanged over the IP Security (IPSec) tunneling protocol. Using IPSec with IKE, one of two types of authentication to access the network can be employed: preshared keys and digital certificates “Xauth PSK”. While preshared keys “PSK”, which are unique to each user, are fine when employed by a small number of users, deploying a unique key for each remote user in situations where there may be hundreds or thousands of remote users can be an administrative burden and a management nightmare.
-> Specify Authentication ID
This would be the username and password your IT Helpdesk has provided you with. You or your firewall team need to configure individual local access on the VPN gateway.
-> Advanced VPN Settings
**Don’t touch these if you’re sure**
-> Connect to VPN
-> VPN Status
The following can be checked whether you’re connected or not.