Description:
This document describes the configuration steps necessary to set up a IKEv1=
VPN connection between a LANCOM router and the Apple VPN client in MacOS X=
as of version 10.11 El Capitan.
1) Configuration steps on the router=
1.1) In the Setup Wizard, select the option Provide remote access (=
RAS, VPN) and click on Next.
1.2) In the next dialog, select VPN client with user-defined parame=
ters as the option for remote VPN client. Continue the configurati=
on by clicking on Next.
1.3) In the next dialog, enter a name for the VPN connection (e.g. APPLE_VP=
N).
1.4) In the following dialog you have to first select the Preshared=
Key and Aggressive Mode option.
1.5) Then enter any combination of characters you wish in the Presh=
ared Key field. After entering your character combination, a secon=
d window will open for you to repeat the input.
1.6) In the following dialog, check that IKE group 2 is set. If this is not the case, select the option to edit the default I=
KE parameters and, in the next dialog, set this to IKE gro=
up 2.
1.7) In the following dialog window, select the entry Key ID (group=
name) for each of the items Local identity type =
and Remote identity type.
1.8) Enter an identity in each of the fields Local identity and Remote identity (here: apple_vpn).
1.9) In the next dialog window you must deactivate the option Use t=
he PFS algorithm for this connection, as this is not supported by =
the VPN client. Then click on Next to con=
tinue.
1.10) In this dialog, make sure that all of the encryption algorithms are s=
elected.
1.11) In this dialog you keep the default parameters.
1.12) In the subsequent dialog, enter the local IP address=
that is to be assigned to the VPN client when the VPN connection is establ=
ished in the IP address field. Click on Next.
1.13) In the next dialog you can choose to restrict access for the VPN clie=
nt to specific networks. In this example we have allowed the VPN client rea=
ch all IP addresses.
1.14) Click on Next and in the final dialog to confirm the=
end of the Setup Wizard by clicking on the Finish button.
1.15) The settings you made will now be transferred to the router=E2=80=99s=
configuration.
18) After the settings have been successfully transferred to the router, yo=
u must perform a right mouse-click on the router and select the option Configure from the context menu.
1.16) Select VPN =E2=86=92 IKE/IPSec =E2=86=92 General =E2=86=92 Co=
nnection list.
1.17) In the connection list, mark the VPN connection with the name APPLE_VPN and click on the Edit... button.
1.18) In the Edit Entry window, change the value of the XAUTH field to the Server option.
1.19) Click on the OK button to accept the changed setting=
and to close the dialog window.
1.20) Select Communication =E2=86=92 Protocols =E2=86=92 PPP list=
strong>.
1.21) Click on the Add option and select from the =
Remote site option in the dialog that follows the remote site you =
configured in configuration step 1.3 (here: APPLE_VPN).
1.22) You do not need to enter anything in the User name f=
ield.
1.23) Enter a password of your choice in the Password fiel=
d.
1.24) Click on the OK button to accept the changed setting and to close the dialog wind=
ow.
1.25) In the configuration dialog, click on the OK button =
to finish manual configuration and to transfer the changes settings to the =
router. The configuration of the LANCOM VPN gateway is now complete.
2) Configuring the VPN client in MacOS X as of version 10.11 El =
Capitan
2.1) In the Network configuration dialog window, click =
on the + button (marked red in the figure below) and select the option VPN (Cisco IPSec).
2.2) Enter the following in the fields Server Address, =
Account Name and Password:
- Server address: Enter the public IP address or the Dyn=
DNS address where the LANCOM router can be reached.
- Account name: Enter the name of the VPN connection tha=
t you assigned to the VPN connection in step 1.3 of the LA=
NCOM configuration (in this example it is apple_vpn).
- Password: Enter the password that you assigned in step=
1.24 of the LANCOM configuration.
2.3) Click the Authentication settings... button.
2.4) In the Machine Authentication dialog, select the Shared Secret option and enter the character combination in th=
e input field that you assigned in step 1.5 of the LANCOM configuration.
2.5) In the Group Name field enter the name that you assig=
ned as the Local identity and the Remote identity in step 1.8 of the LANCOM configuration (in this example it is apple_vpn).
2.6) Click on the OK button to accept your settings.
2.7) If you wish, you can click on the option Advanced... =
in the Network configuration dialog and assign additional =
DNS servers for the VPN tunnel.
2.8) Click on the OK button to accept the data and return =
to the Network configuration dialog.
2.9) If you wish to have a better view of the status of the VPN connection =
you should activate the option Show VPN status in menu bar=
.
2.10) Click on the Connect button to establish the VPN con=
nection.
2.11) The VPN client has now been successfully configured.
|