=> after changing the lifetime to 60, this also seems to be fixed, whatever the reason might be.Īuthentication-order How can I fix this, since a lot of the software we work with, rely on names rather than IPs? The DNS server is 10.1.10.18 (in the config below). * perhaps it has to do with the RADIUS verification, but I can't ping nor access a computer if I use the UNC-path ( e.g. The Shrew Soft VPN Connect dialog box appears. On the firewall, I left the phase 1 lifetime on 180, in the ShrewSoft client I've put it on 60 ). To start a VPN connection: Open Shrew Soft VPN Access Manager. Yet I still get disconnected after 2 or 3 minutes? (update - but it needs further testing: I might have this one fixed. As suggested earlier, I changed the lifetimes: phase 1 => 180, phase 2 => 28800. * using ShrewSoft VPN Access Manager 2.2.0, I still get disconnected. The following two problems seem to be solved, I'm leaving this here for future reference for others. * is it possible to limit the VPN access to certain MAC addresses? My fear is that one day users will simply copy the VPN config from their ShrewSoft to their private laptops, which are missing our policies and antivirus software. I've been able to configure RADIUS authentication for accessing the firewall (vendor code 2636, RADIUS = Windows Server 2012). * is it possible to have RADIUS verification, without a dynamic VPN license, with SRX 550, for the "t400-access" profile? Estimated users: 15. Password "$9$K9QWX-YgJHqfVwqfTzCAvWLxVw" # SECRET-DATAĪfter lots and lots of head-aches (my colleague left, I had to jump in, his config was half finished), I've come to this (censored) version, which finally allows me to connect from internet to our network. Pre-shared-key ascii-text "$9$ywMeMXVwgUjq7-jqmfn6revW7-" # SECRET-DATA WatchGuard, the WatchGuard logo, WatchGuard Dimension, Firebox, Core, Fireware, and LiveSecurity are registered trademarks or trademarks of WatchGuard Technologies in the United States and/or other countries.Here is a configuration one of our internal gurus came up with that has been tested in a lab with the Shrew client. If you cannot connect to network resources through an established VPN tunnel, see Troubleshoot Network Connectivity for information about other steps you can take to identify and resolve the issue. Make sure you reset the Log output level to none after you have resolved the connection problem. When you set the Log output level to loud, the Shrew Soft VPN Trace utility can quickly generate a very large file. Review the content of the new text file to find any problems with your connection.Open a text file and press Ctrl-V on your keyboard to paste the copied text into the file.To copy log messages from the Shrew Soft VPN Trace utility, highlight the text in the console, then press Ctrl-C on your keyboard.From the Log output level drop-down list, select loud.ĭebug log messages appear in the console.The Debug Output Options dialog box appears. The Shrew Soft VPN Trace utility appears. From the Windows Start menu, select the Shrew Soft VPN Client > Trace Utility.If the Shrew Soft VPN client fails to connect, you can use the Shrew Soft VPN Trace utility to see more information about why the connection failed.
0 Comments
Leave a Reply. |