Skip to end of metadata
Go to start of metadata


Description:

This document describes the configuration steps to take on the LANCOM router to prevent myVPN configuration profiles from being retrieved over the Internet (WAN).

This is useful if, for security reasons, you wish to restrict the retrieval of myVPN configuration profiles to the local network only.


Requirements:


Procedure as of LCOS version 8.80:

As of LCOS version 8.80, the retrieval of a myVPN configuration profile over the WAN can be prevented in the menu Configuration -> VPN -> myVPN and disabling the option Allow profile download via WAN connections.

    Information:
    If you enable the profile download option, you can use the field Lock profile download after to set the number of login failures after which the download of profiles via the WAN is automatically locked .




Procedure in LCOS 8.62:

1) In LANconfig, open the configuration for the LANCOM router and navigate to the menu item Configuration -> Management -> Admin -> Access rights -> From remote networks.

2) Set the value for HTTPS to Denied.



3) Then change the Access to web server services -> From remote networks to Disabled.




4) Go to the menu Configuration-> VPN -> General and disable the option Accept IPSec over HTTPS.



5) Write the configuration back to the LANCOM router. It is now no longer possible to obtain myVPN configuration profiles over the Internet (WAN).

Any attempt to retrieve a configuration profile over the Internet with the myVPN app would display the following message after entering the PIN: