Cybersecurity Forum


KrisKnut
New Contributor

L2TP/IPSec and IPSec VPN confusion same 100D

I had this working a few months ago, when I had two VPNs on my 100D: an L2TP/IPSec VPN for native Windows clients and an IPSec VPN for Mac native clients. Since El Capitan and update 10.11.4 changed the default DH Group to 14, I cannot run both VPNs anymore. After adding DH Group 14 to the IPSec VPN (which is used for both Mac and Android native VPN clients), L2TP/IPSec VPN clients try to connect as regular IPSec VPNs. If I try DH 14 for only L2TP, the connection shows up as trying to connect to N/A (keeping DH Group 2 on IPSec for Android VPN).

Also, no matter what I try to configure using only L2TP/IPSec (DH Group 14, both Mac and Windows connect using native clients), the Android native L2TP/IPSec client will not connect.

All config is with PSK and AES256-SHA1. I have tried with 3DES-SHA1 and 3DES-MD5; both have the same results.

Any suggestions?
