Set up a VPN for iPhone and iPad
VPNs (virtual private networks) provide secure remote access to private networks. Users commonly experience authentication errors, DNS resolution issues, or misconfigured VPN settings that prevent access to company networks.
VPN configuration on iPhone and iPad
iPhone and iPad include built-in support for L2TP, IKEv2, and IPSec VPN connections. You configure these through Settings by adding a VPN configuration. Some organizations require third-party VPN apps with specific protocols or security requirements.
Before you begin
Contact the network administrator for your organization or VPN service provider for the VPN settings. These include the VPN connection type, server address, account name, and authentication settings like a password or certificate.
If you received a VPN configuration profile, tap it to install the connection. If not, follow the steps below to manually enter the settings.
Enter VPN settings manually
On the iPhone or iPad, tap Settings > General > VPN & Device Management.
Tap Add VPN Connection, the select the type of connection.
L2TP (Layer 2 Tunneling Protocol) is an extension of PPTP (Point-to-Point Tunneling Protocol) used by internet service providers to enable a VPN over the internet.
IPSec (Internet Protocol Security) is a set of security protocols.
IKEv2 (Internet Key Exchange version 2) is a protocol that sets up a security association in IPSec.
Enter the required settings:
Description: Enter a name for the service
Server: Enter the VPN server address
Remote ID: Enter the remote ID (IKEv2 connections)
Local ID: Enter the local ID (IKEv2 connections)
Authentication type: Select the authentication type
User name: Enter the account name
Password: Enter the password
Tap Done.
Change VPN settings
Steps to take:
The available settings vary depending on the type of VPN service selected.
To change these settings, tap Settings > General > VPN & Device Management.
VPN configuration options
Option | Description | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Service name | The name of the VPN service and the connection status indicator. | ||||||||||
Connect or Disconnect | Turn the VPN service on or off. | ||||||||||
Manage service | Tap the Info button next to the service, then enter settings for the service. | ||||||||||
Add VPN Configuration | Set up a new VPN service. | ||||||||||
VPN Info button settings
Option | Description | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Display Name | Enter a name for the service. | ||||||||||
Server | Enter the address of the VPN server. | ||||||||||
Account | Enter the account name. | ||||||||||
Password | Enter the password for the VPN account. | ||||||||||
Remote ID | Enter the remote ID for the VPN account (IKEv2 connections). | ||||||||||
Local ID | Enter the local ID for the VPN account (IKEv2 connections). | ||||||||||
Authentication | Enter the authentication details for the account. | ||||||||||
Remove a VPN configuration
On the iPhone or iPad, tap Settings > General > VPN & Device Management.
Tap the Info button next to the VPN service you want to remove.
Tap Delete VPN, then confirm you want to remove it.
Test DNS resolution
DNS resolution issues are common with VPN connections. Unlike Mac, iPhone and iPad don’t have built-in command-line tools, but you can test DNS functionality through other methods.
Open Safari and try to access https://www.apple.com.
Try accessing an internal company website.
Check if external sites load properly while VPN is connected.
Check DNS settings
In Settings > Wi-Fi, tap the Info button next to your network.
Verify DNS servers are correctly configured.
Try temporarily switching to a different DNS server.
Common DNS troubleshooting steps
Verify VPN DNS settings: Check that the VPN configuration includes the correct DNS server addresses for internal resources.
Test external connectivity: Use Safari to verify external websites load properly.
Test internal connectivity: Try accessing internal company resources to verify VPN routing.
Reset network settings: In Settings > General > Transfer or Reset [iPhone][iPad] > Reset > Reset Network Settings (this removes all Wi-Fi passwords).
Check VPN app settings: If using a third-party VPN app, verify DNS settings within the app.
If the VPN connection isn’t working
What to look for:
Authentication failures
Configuration errors
Slow internet speeds
Random disconnection
Can’t access certain websites or services
Compatibility issues
Third-party VPN apps crash or freeze
What’s happening:
VPN connectivity issues can stem from incorrect credentials, misconfigured network settings, DNS resolution problems, or compatibility issues with third-party software.
Steps to take:
Perform initial checks: Ensure the device is connected to the internet. Verify the user can access internal resources without the VPN enabled. Confirm the correct VPN type is selected in the configuration.
Perform credential and configuration checks: Verify the username and password are entered correctly. Check that the shared secret or certificate is properly configured and that the VPN server address is accurate and reachable.
Check network settings: Verify DNS is correctly resolving internal resources. Review whether split-tunneling settings are configured correctly for the user’s needs.
Review app-specific logs: If using a third-party VPN app, check the app’s connection logs and error messages for troubleshooting information.
Test with different networks: Try connecting to the VPN from different Wi-Fi networks or cellular data to isolate network-specific issues.
Glossary of VPN terms
Configuration profile: A file containing VPN settings that can be installed on iPhone and iPad to automatically configure network connections.
DNS (Domain Name System): Service that translates domain names into IP addresses, allowing devices to locate and connect to websites and servers.
IKEv2 (Internet Key Exchange version 2): Protocol used to establish secure VPN connections by negotiating security associations between devices.
IPSec (Internet Protocol Security): A suite of protocols that provides secure communication over IP networks by authenticating and encrypting data packets.
L2TP (Layer 2 Tunneling Protocol): A tunneling protocol that creates secure connections between devices over public networks.
Local ID: An identifier used in VPN authentication to specify the client device connecting to the VPN server.
Remote ID: An identifier used in VPN authentication to specify the remote endpoint or server that the client is connecting to.
Server address: The IP address or domain name of the VPN server that clients connect to for secure network access.
Shared secret: A password or key shared between the client and server for authentication in VPN connections.
Split tunneling: A feature that lows users to route some traffic through the VPN while accessing other resources directly through their local internet connection.
VPN (Virtual Private Network): A secure connection that encrypts internet traffic and provides access to private networks over public internet infrastructure.