First set up a new VPN Server on the controller:
[Sitename] --> Configuration/Network Config -> VPN/VPN --> VPN Server --> Server Create New VPN Server
VPN Type: IPSec
Status: Enable
Interface: <select yout WAN interface>
Remote Host: 0.0.0.0
Local Network Type: Network
Local Networks: <chose the networks for access>
Pre-Shared Key: <chose a password to use for VPN>
Advanced:
IP Pool: <Set up the IP ranges. Use a non-overlapping network>
Primary DNS Server: <Set your LAN DNS server if you have one>
Phase 1 Settings
Key exchange Version: IKEv2
Proposal: SHA-256 - AES 256 - DH19
Negotiation Mode: Responder Mode
Local ID Type: IP Address
Remode ID Type: Name
Remote ID: <give a name>
Phase 2 Settings
Encapsulation Mode: Tunnel Mode
Proposal: ESP - SHA-256 - AES-256
PFS: None
SA Lifetime: Default
Finally, set up your clients for
Mac
Linux