ATP-100 Surfshark VPN
Freshman Member
Hi community,
first…i'm a home user with basic network skills and try to configure a VPN to the provider Surfshark.
Surfshark available connection methods: Openvpn, Wireguard, IKEv2
As i understand only IKEv2 is working on my Zyxel ATP-100, so i try to apply the settings.
Surfshark don't provide a presharedkey, instead provide a certificate (.crt)
In the VPN settings i can only choose from "My certificates" but im not able to upload the certificate.
The system response is:
errno: -17010
errmsg: PKI certificate request does not exist.
How i can create such a request to import this certificate?
Else in the "trusted certificates" section the certificate upload works well.
One more thing:
The surfshark certificate is with SHA256 RSA encryption 4096bit
If i try create a certificate there is no higher option then 2048bit
All Replies
-
Even if you could upload the certificate it will not help you as for reasons I do not know you can't setup VPN to connect to such VPN providers to route traffic to the VPN maybe that will change one day I don't know.
The only way I know of was to use a VPN providers with PPTP which only works because some ISP require this but you can use it to route traffic down it.
0 -
Hi Peter,
many thanks for the fast reply.
I'm wondering that not Zyxels IKEv2 not works with VPN providers. In the VPN wizard i choose the option "Remote connection client role". So i hope maybe works for me.
I come back to my initial question how import the certificate to try at least if the VPN works. May with the latest firmware it's possible.
If IKEv2 not works as you say, can you give me a hint how configure the PPTP connection?
0 -
So for PPTP go to object > ISP account there you can make a PPTP with mppe-128 weak encryption due to how old PPTP is and MSCHAP-V2 authentication along with user name a password and server then go to network > interface > PPP and setup base port you WAN zone the account profile you made then it will connect and you can make routing rule to have traffic go down the PPTP of your VPN if your VPN providers supports PPTP that is.
0 -
Many thanks for the instructions regarding PPTP. Seems that Surfshark support this type of connection but i read that this type of connection is old not safe. I try it out and let you know…
For the mentioned security reason i will also try to establish the IKEv2 connection. Any hint to import the certificate?
0 -
Hi @Miky,
You may reference this FAQ:
How to import the certificate for local GUI used — Zyxel Community
0 -
Hi Melen,
thank you for the FAQ link.
The FAQ talk about merging a key with a certificate. Also i see pem and pfx files are used.
I have only a crt file from my VPN provider.
Please excuse me for not having a deep knowledge of certificate types.
0 -
Hi Peter, i follow your clear instructions but didn't work. The connection can't established. I'm wondering why in the PPP settings afterwards i found an assigned IP and DNS.
0 -
Hi @Miky,
I don't think it can be done.
As I know, Zyxel firewall not support as an IPsec client to request IP address from VPN server.
It support site to site and VPN server only.
0 -
Hi,
I have to accept that with my device it‘s not possible to establish a Sursharc VPN connection.
Nevertheless i‘m surprised of the very quick and professional help in these community.
Thank YOU!
May you have a recommandation for a small device to add to my ATP100 to manage only the VPN connection?
I don‘t know if it‘s important but i have also a Zyxel NWA210AX wifi access point.
0 -
PPTP still does its job perfectly.
https://www.google.com/search?q=pptp+vpn+weakness
I don't find any reason against PPTP for home use. Probably in compare to other VPN protocols it is weak and it is important for big business, but for home using it is still ok.
I would use it with ATP-100.
0
Guru Member
Zyxel Employee
Master Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
