Comments

  • This was an option I'd considered, changing the internet router to 192.168.0.x and having the VLAN on 192.168.1.x. The issue being that there are too many devices on either side of this VLAN which would require static IP changes. The whole point of the exercise is to try and firewall a single device. So even if I got this…
  • My bad on the VPN reference, I meant VLAN. I'm guessing what I'm trying to achieve is unachievable. I've a number of devices like CCTV, fax machines etc. that I'd prefer to keep outside of the VLAN, but printers and PCs inside the VLAN. Ideally all using 192.168.1.x to save config changes.
  • I think I've given in trying to get this to work. After spending hours, I finally guessed the string to use, then hit another issue. Two pieces of software fighting for port 1701. I got past this and thought that I was finally making headway. My Linux device now makes a connection with the firebox, but I receive an…
  • Maybe I'll take this to a Linux forum, as my VPN works OK on other OSes.
  • This is where I'm struggling. This is the first time I've seen such a string. So I input that as my phase 1 string, but the same thing happens. The device quickly fails to connect. I see nothing echoed in the firebox traffic monitor. Running sudo journalctl -f, I can see some errors around unable to start strongSwan, fatal…
  • If you mean the Phase 1 & 2 strings, then originally I input those 3DES settings, but of course it wouldn't connect as my L2TP config is using SHA1-AES(256-bit). However, when I input SHA1-AES(256-bit), nothing appears to happen. The firebox log doesn't even see any attempts to connect. The plugins must work, as I see…
  • It's Linux Mint (Cinnamon). It looks like L2TP isn't installed as a native protocol, so I followed instructions found here. http://stuffjasondoes.com/2018/08/16/configuring-meraki-client-vpn-on-linux-mint-19-network-manager/ Of course I quickly found out that the phase 1 & 2 on that link don't apply to me. I'm just…
  • Having never experienced these settings before, I'm working blind and don't mind admitting to being a bit thick. Could you suggest where I might obtain the correct string, or suggest the string to use?
  • Really struggling here. If I input any of the SHA1 settings in my Linux device, it fails to connect, and nothing is echoed in the firebox log. If I leave the config empty, then I see this: 2019-11-28 18:22:09 iked (192.168.1.253<->xxx.xxx.129.156)IKE phase-1 negotiation from 192.168.1.253:500 to xxx.xxx.129.156:56490…
  • The highest entries on my L2TP config on the firebox show PH1 = SHA1-AES(256-bit) and PH2 = ESP-AES-SHA1. I assume these are the settings I need for the Linux config. If so, do I also need to input the (256-bit) portion?