A client of ours wants us to connect to his network through a vpn-tunnel and has supplied some client-software. Problem with this is that it has to be installed on every machine that wants access to the remote network. So I want to set up a vnp-connection between our 1621 and the remote site. The following is set in the client software:
IKE policy: alt/aes/sha
IPSec policy: esp-all-all/ah-all/comp-all/no-pfs
IKE mode: Agressive
Identification: User FQDN
XAUTH: active XAUTH, activate IKE Mode Configuration, XAUTH ID = login-name + password
How to set up the 1621 to make the vpn-connection?
Thanks in advance
Regards,
Henry
VPN-connection between 1621 and AVM Netways
Moderator: Lancom-Systems Moderatoren
Hi Henry,
the 1621 doesn't support XAUTH.
Besides you should never use XAUTH and aggressive mode with pre shared key authentication, because this is vulnerable for man in the middle attacks: everybody who knows the pre shared key (normally everybody in your company, because the key is used as group key) could act as server and get login names and passwords of other users.
If you work with pre shared keys, it is the best to use different keys for each user
Regards
Backslash
the 1621 doesn't support XAUTH.
Besides you should never use XAUTH and aggressive mode with pre shared key authentication, because this is vulnerable for man in the middle attacks: everybody who knows the pre shared key (normally everybody in your company, because the key is used as group key) could act as server and get login names and passwords of other users.
If you work with pre shared keys, it is the best to use different keys for each user
Regards
Backslash