Hi I have just installed the new 210 oxo connect sw with apparently the bug fix for VPN phones.
I have followed the document with the approved FORNIGATE vpn server, which I don't have as yet, but tried to create the link with a DRAYTEK.
Site A being the main site with the OXO and site B being the remote site I managed to connect a pc with VPN dial up via windows no problem username password etc.
I then set up the 8018 set with the relevant details , IP address of OXO , remote Public ip address and PSK etc , booted the phone and get to the stage of asking for the username and password but does not connect.
Site A's draytek VPN logs show an attempts to connect but it doesn't connect. I guess it should login into remote network then communicate to the OXOs CPU, but it isn't.
any ideas in principle this should work.
NEW OXO CONNECT VPN PHONES
Re: NEW OXO CONNECT VPN PHONES
Hi selectt,
I managed to connect the phone with a pfSense appliance, but this isn't really a solution.
The phone sends every 2 hours a IPSEC REKEY request, to switch the encryption keys. The pfSense doesn't seem to handle this one correctly. The VPN breaks and phone resets - which will take much longer on the s Series.
I made a short search for other router IPSEC parameters. For Draytek I found only support of AES256 & SHA-1 with IKE v1. So it won't work.
The required IPSEC parameters are in short:
Phase 1:
IKEv1 - main
PSK
AES256-SHA256 (seems to be AKA as SHA2)
Phase 2:
AES256-SHA256
Dead Peer Detection should 5 seconds.
Newer Lancom router should support these parameters, but I hadn't one yet.
For the moment you have to stay at the Fortigate.
Regards Mario
I managed to connect the phone with a pfSense appliance, but this isn't really a solution.
The phone sends every 2 hours a IPSEC REKEY request, to switch the encryption keys. The pfSense doesn't seem to handle this one correctly. The VPN breaks and phone resets - which will take much longer on the s Series.
I made a short search for other router IPSEC parameters. For Draytek I found only support of AES256 & SHA-1 with IKE v1. So it won't work.
The required IPSEC parameters are in short:
Phase 1:
IKEv1 - main
PSK
AES256-SHA256 (seems to be AKA as SHA2)
Phase 2:
AES256-SHA256
Dead Peer Detection should 5 seconds.
Newer Lancom router should support these parameters, but I hadn't one yet.
For the moment you have to stay at the Fortigate.
Regards Mario
Re: NEW OXO CONNECT VPN PHONES
thanks for the reply I eventually got it working with the fortinet
-
- Member
- Posts: 7
- Joined: 27 May 2019 02:26
Re: NEW OXO CONNECT VPN PHONES
8018 CLOUDEDITION PASSWORD