Comments
-
Hello @Born2Shine as of today SSL VPNs are free: the client is called SecuExtender as the IPSec Client but it is a totally different application. You can download it here: https://download.zyxel.com/SecuExtender_VPN_Client/software/SecuExtender%20VPN%20Client_SSL_VPN_Client_4.0.5.0.zip This one to be clear: Please note…
-
still looking for possibile configuration in Windows I found that to enable DES and MD5 one has to edit a registry key (not reccomanded for security concerns): from you can disable weak crypto for L2TP by editing the following registry value: HKLM\System\CurrentControlSet\Services\Rasman\Parameters\AllowL2TPWeakCrypto The…
-
I would like to convert this post to the best practices for L2TP over IPSec… which combination of phase 1 proposals, DH and phase 2 proposals pfs do you all use? which is the minimum security level that you would use? what about an aggressive negotiation? anyone uses tunnel instead of transport with windows client?
-
Thank you @zyman2008 i didn't install the app so far but it seems an useful tool to use before resetting a smartphone.
-
since i still haven't found any way to understand who (in the device) is asking for this url, i've followed @zyman2008 's suggestion.
-
Do you mean ddns? Who should issue the certificate? Have any of you even done it? (How? ;-) ) Thank you again
-
Maybe I just didn't want to read such a thing ;-) Can we close it saying that there is no possibility to create a client-server VPN (with certificate) with a firewall behind a router?
-
Thank you @Peppino , thank you @PeterUK for your feedbacks. Would you be so kind to check the configuration and log that i posted a few days ago and compare it with yours? I really cannot understand what i am missing. Apart from the ATP i've made some tests on an USG40 behind a Fritzbox router: the router is configured so…
-
actually the firewall it's not hidden: the ISP router is configured so that the Firewall ip (router lan / firewall wan) is in DMZ so that (theorically) all the traffic to the ISP router is redirected to the firewall. I suppose that in this scenario one's able to connect via VPN, am I wrong?
-
Hello @zyman2008 your solution for avoiding the logs is smart and i'm likely to click "solved" I just wonder how we can understand which app is asking for it (if it's an app and not the system itself)
-
hello, do you see anything in the logs? if you connect a computer to another lan port of the fritzbox are you able to connect? (this test can let you understand whether the problem is the the fritz nat/dmz even if you made the test with the computer directly to the fritzbox have you tried disabling (just for test) the…
-
Hello, have you tried inserting domain.local in: configuration —> system —> host name —> domain name
-
-
update: i tried the same configuration on another firewall with the same firmware, the only difference is that the 2nd fw is not under NAT. In this case it works (same phone).
-
I'm trying to use the wizard to connect an android phone (samsung!) to an ATP with latest firmware, the firewall is under a router, I modified phase 1: in my address instead of "interface" i selected "domain name/IPv4" and entered my public (static) ip. this is what i get on the firewall: this is what i get from…