Expired

V. VPN (Virtual Private Networking)

Expired

Teleworker VPN - IPsec XAuth - macOS Client

Products:
Vigor 2620Ln
Vigor 2762
Vigor 2763
Vigor 2765
Show all

Keywords:
IPsec
Teleworker
VPN
XAuth
Show all

DrayTek routers running 3.8.9.1 or later firmware support IPsec with XAuth authentication, which allows many VPN clients to authenticate with a username and password. With IPSec XAuth you are not limited to pre-shared key because each teleworker can use their unique credentials.
This article demonstrates how to create an IPsec Xauth tunnel between Vigor Router and macOS client

Vigor Router Configuration

1. Go to [VPN and Remote Access] > [IPsec General Setup]
a. Enter Pre-Shared Key for Xauth User
b. Click OK to save

kb teleworker xauth macos 01

2. Go to [VPN and Remote Access] > [Remote Dial-in User]
a. Enable User account and Authentication
b. Allow IPsec Xauth dial-in type
c. Enter Username and password
d. Click OK to save.

kb teleworker xauth macos 02

macOS VPN Client Configuration

1. Go to [System Preferences] > [Network] and click +

  • Set Interface to VPN
  • For VPN Type select Cisco IPsec
  • Enter Service Name
  • Click Create

kb teleworker xauth macos 03

2. Populate Server Address with router's WAN IP address or domain, followed by the Account Name and Password.

kb teleworker xauth macos 04

3. Click Authentication Settings and enter the Pre-shared Key in Shared Secret. Then click OK.

kb teleworker xauth macos 05

4. Click Connect to start the VPN connection.

kb teleworker xauth macos 06

Vigor routers display VPN status in [VPN and Remote Access] > [Connection Management] section

kb teleworker xauth macos 07

How do you rate this article?

1 1 1 1 1 1 1 1 1 1

First Published: 09/04/2020
Last Updated: 22/04/2021