V. VPN (Virtual Private Networking)

Teleworker VPN - IPsec XAuth - macOS Client

Vigor 2620Ln
Vigor 2762
Vigor 2765
Vigor 2832
Show all

Show all

DrayTek routers running or later firmware support IPsec with XAuth authentication, which allows many VPN clients to authenticate with a username and password. With IPSec XAuth you are not limited to pre-shared key because each teleworker can use their unique credentials.
This article demonstrates how to create an IPsec Xauth tunnel between Vigor Router and macOS client

Vigor Router Configuration

1. Go to [VPN and Remote Access] > [IPsec General Setup]
a. Enter Pre-Shared Key for Xauth User
b. Click OK to save

kb teleworker xauth macos 01

2. Go to [VPN and Remote Access] > [Remote Dial-in User]
a. Enable User account and Authentication
b. Allow IPsec Xauth dial-in type
c. Enter Username and password
d. Click OK to save.

kb teleworker xauth macos 02

macOS VPN Client Configuration

1. Go to [System Preferences] > [Network] and click +

  • Set Interface to VPN
  • For VPN Type select Cisco IPsec
  • Enter Service Name
  • Click Create

kb teleworker xauth macos 03

2. Populate Server Address with router's WAN IP address or domain, followed by the Account Name and Password.

kb teleworker xauth macos 04

3. Click Authentication Settings and enter the Pre-shared Key in Shared Secret. Then click OK.

kb teleworker xauth macos 05

4. Click Connect to start the VPN connection.

kb teleworker xauth macos 06

Vigor routers display VPN status in [VPN and Remote Access] > [Connection Management] section

kb teleworker xauth macos 07

How do you rate this article?

1 1 1 1 1 1 1 1 1 1