VPN client-to-site settings for MacOS 15 (Sequoia)
Ally Member
Hi, I'm currently using these settings for a working VPN connection from Windows native clients:
Gateway:
- SA Lifetime: 86400
- Negotiation mode: Main
- Proposal (enc/auth): 3DES/SHA1
- Key Group: DH2
Connection:
- SA Lifetime: 3600
- Active Protocol: ESP
- Encapsulation: Transport (L2TP/IPSec) or Tunnel (IKEv2)
- Proposal (enc/auth): AES256/SHA1
- PFS: None
These settings have proven stable and widely supported in Windows' native VPN client and work for both L2TP/IPSec and IKEv2. I now have to connect a new Mac with macOS 15 (Sequoia) via VPN and I'm looking for a minimal change to the above settings in order for the native Mac client to successfully connect.
If anyone has the working settings for the newsest MacOS, please share. I cannot find the supported protocols for Sequoia anywhere online.
Thanks!
PS: I'd like to use the native client on the Mac (or a free alternative), not a paid VPN client.
Best Answers
-
For anyone interested, the native macOS 15 Sonoma VPN client works with the settings that I have posted. No need to do any adjustements, L2TP/IPSec with pre-shared key worked flawlessly.
0 -
Hi @MarkoD
Thank you for sharing your experience and the successful VPN settings for macOS 15 (Sonoma)!
To confirm, the default L2TP VPN setup using the Zyxel VPN wizard can indeed work with the following encryption settings:
- Phase 1: 3DES/SHA1/DH2
- Phase 2: 3DES/SHA1/None
Kay
0
Zyxel Employee
All Replies
-
USG60
0 -
For anyone interested, the native macOS 15 Sonoma VPN client works with the settings that I have posted. No need to do any adjustements, L2TP/IPSec with pre-shared key worked flawlessly.
0 -
Hi @MarkoD
Thank you for sharing your experience and the successful VPN settings for macOS 15 (Sonoma)!
To confirm, the default L2TP VPN setup using the Zyxel VPN wizard can indeed work with the following encryption settings:
- Phase 1: 3DES/SHA1/DH2
- Phase 2: 3DES/SHA1/None
Kay
0 -
Dear @Zyxel_Kay, you can bump up security by using SHA256 instead of 3DES in Phase 2. It works for built-in clients in Windows and also Mac.
1
Freshman Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 152 Nebula Ideas
- 100 Nebula Status and Incidents
- 5.8K Security
- 286 USG FLEX H Series
- 278 Security Ideas
- 1.5K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 251 Service & License
- 396 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 86 About Community
- 75 Security Highlight
