dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
14613

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti NanoBeam M5 16

1 edit

Brano

MVM

VPN client from DrayTek

While configuring ZyWall5 to Vigor2600V IPSec tunnel I was checking DrayTek's web page and found this (free) VPN client »ftp://ftp.draytek.com/tools/VP ··· /VPN.zip

I haven't tested it yet, but it looks like standard IPSec client that might be working with ZyWalls as well.

Anybody got time to test it?

--
They also have nice syslog for Windows »ftp://ftp.draytek.com/VIGOR290 ··· S254.zip
Allistaken7
join:2005-04-14
Norway

Allistaken7

Member

Did not work very well for me.
Told me tunnel was up when it was not, zywall did not log any IKE packets. Did not support AES , could not find a log.

Uninstalled

StorminNorm
Stormin
Premium Member
join:2003-01-02
Keller, TX

1 edit

StorminNorm to Brano

Premium Member

to Brano
I have been using the 3.2.2 version for some time and it works great using a PSK setup. I use it on my XP laptop connecting back to ZyWall 5, 10, and 30 routers while on the road. The client supports multiple profiles allowing you to preconfigure multiple site VPN settings within the client. The previous 2.2.2 version only remembered single site settings.

I recommend uninstalling any previous versions first. You must perform the "Configure" step which adds the "ProhibitIpSec" and "AssumeUDPEncapsulationsContextOnSendRule" registry values. After a reboot you can setup the profiles to match your VPN router configs. The 3.2.5 version is working as well as the 3.2.2 version mentioned above.

I have had nothing but good experience with the Smart VPN Client over the past two years. I used SSH Sentinel prior but it got buggy after the WinXP SP1 release.
nic8
join:2006-03-04
australia

nic8

Member

Hi, can you detail your setup on the zywall ?
I've tried to get it to work on my zywall 35 but keep getting:

[ID] : Rule [test] Verifying Remote ID failed:
Recv ID: SINGLE, [192.168.0.2]-[192.168.0.2]
vs. My Remote [0.0.0.0]-[0.0.0.0]

It seems there is no way to configure the Remote ID on the draytek client and for some reason the zywall isn't see 0.0.0.0 as a wildcard !!

Thanks

Nic
DavidJWood
Premium Member
join:2001-10-12
UK

DavidJWood

Premium Member

For a dynamic IP rule on the ZyWALL, don't attempt to use IP ID - use DNS or email instead (which are just text strings). I have no experience of this client, but this same ID mismatch issue prevents the use of the MS client in Windows XP.

If using certificates, it's best to use the Subject Name / Distinguished Name information from the certificates.

There's more detail on this, including setup details for the ZyXEL / Safenet client, in »ZyWALL 3.64 firmware / ZyWALL VPN client setup

David
nic8
join:2006-03-04
australia

nic8

Member

The problem I see with the Draytek client is that you can't configure the ID. It seems to just pick the IP and that's it.
Maybe I missed something though

Nic

StorminNorm
Stormin
Premium Member
join:2003-01-02
Keller, TX

StorminNorm to Brano

Premium Member

to Brano
Click for full size
ZyWall 5 VPN-Gateway Policy
Click for full size
ZyWall 5 Network Policy
Click for full size
Client Setup 1

Client Setup 2
Here the screen shots of the ZyWall5 and the VPN Client:
nic8
join:2006-03-04
australia

nic8

Member

Hi StorminNorm

It works perfectly thank's a lot I had been trying to get the working for a while now !!!

Cheers

Nic