Channel: NETGEAR Forums

FVS318G and VPN connections from Mac, iPhone

Hello everybody,

I can't get my iPhones to work when connected to the VPN created by an FVS318G - whereas I can successfully connect via a Mac, but then all traffic is routed through the FVS318G, not just traffic going to LAN addresses.
Here's my setup.

I have a network with an FVS318G (firmware version 3.0.7-34) that connects to the Internet through a DSL modem in bridge mode. The FVS318G does PPPoE and acts as a DHCP server to machines connected on the LAN side. DNS proxy is enabled. The network it creates is 192.168.0.0./255.

I have created a Mode Config record as follows:
pool: 192.168.11.150 - 192.168.11.210
dns: primary 192.168.0.1 (this is the FVS318G) secondary 8.8.8.8
PFS Key Group: DH Group 2 (1024 bit)
SA lifetime: 300 sec
AES-128
SHA-1
local IP address: 0.0.0.0
local subnet mask: 255.255.240.0

and a policy (that uses the above mode config record) as follows:
Direction/type: Responder
Exchange mode: Main
Local identifier: Local WAN IP
Remote identifier: FQDN, 0.0.0.0
AES-128
SHA-1
Auth: PSK
DH Group: Group 2 (1024 bit)
SA lifetime: 300 sec
dead peer detection: No
Xauth: Edge device, authenticating through user db.

Now, when I set up my VPN client (built-in Mac OS X VPN client, IPsec) and connect from a remote location, everything works fine: it connects, gets an IP from the 192.168.11.x pool, and I can communicate with devices on the LAN side of the FVS318G.

*However*, I notice that all traffic, including traffic directed to external addresses, goes through the FVS318G, even if I set up the Service Order in Mac OS X to use Ethernet and Wi-Fi *before* the VPN.
How do I set up the VPN so that traffic directed from my Mac to external IP addresses, e.g. visiting google.com, doesn't flow through the VPN but instead goes direct?

Also, setting up the VPN client on an iPhone (4GS running iOS 5.1.1) with the same settings as on the Mac results in the iPhone either not being able to establish a connection (it fails with a message saying "Negotiation with the VPN server failed.") or connecting, but then any communication with a computer on the LAN doesn't work (e.g. if I type in Safari the IP address for one of the LAN computers running a web server), and the same thing occurs for any external IP address or URL.

Can you please help me? Is something wrong in my config?
Thank you!!!
Alberto.
