How to establish an VPN connection with a Nebula firewall by the macOS Sonoma native VPN client?

Zyxel_Jeff
Zyxel_Jeff Posts: 1,246  Zyxel Employee
100 Answers 500 Comments Friend Collector Fourth Anniversary
edited August 28 in VPN

Question :

After updating to macOS Sonoma, if you cannot establish an IKEv2 VPN connection with the Nebula firewall, how do you resolve this problem?

Answer :

Since there are changes to the VPN Phase 1 and Phase 2 parameters for macOS Sonoma's native VPN client, please modify them accordingly to allow the remote VPN to work.

Navigate to Site-wide> Configure > Cloud authentication > To add a user account and allow to use Remote VPN access.

Choose a WAN interface as the remote access VPN server's IP address.

Navigate to Site-wide > Configure > Firewall > Remote VPN > To choose the WAN interface and edit the Custom policy.

Choose the DH group to DH19.

Download the VPN configuration script file for macOS.

Download the script file of RemoteAccess_iOS_macOS_IPSec_VPN.mobileconfig to the Mac device and navigate to Privacy & Security > Profiles > To install the script file.

Allow to install the script file.

Edit the IKEv2 VPN profile, select 'User authentication,' and then choose 'Username.' After that, input the username and password.

Dial the IKEv2 VPN connection successfully.

Navigate to Site-wide > Monitor > Firewall > VPN connections > Check the IKEv2 VPN is established successfully.


See how you've made an impact in Zyxel Community this year! https://bit.ly/Your2024Moments_Community