UTM9 Mac OSX Sierra - IPSec VPN

flattened
Apprentice

UTM9 Mac OSX Sierra - IPSec VPN

Hi all,

 

I have used the very useful PDF to enable a Mac on latest OS X Sierra to the UTM 9.

 

PDF https://docs.google.com/viewer?a=v&pid=sites&srcid=a29zc2Jvc3MuY29tfG1haW58Z3g6NzZkNDZhYTNiYTkwNzkzY...


It even gets an IP address (as per the mode config).

 

But it cannot access or ping any devices on the network.

What have I screwed?

 

Cheers 🙂

Andy

Message 1 of 14

Accepted Solutions
flattened
Apprentice

Re: UTM9 Mac OSX Sierra - IPSec VPN

I'd like to end this as closed. We achieved the required result by reverting back to standard PPTP using a 3rd party paid app on the Mac called Shimo.

Message 14 of 14

All Replies
DaneA
NETGEAR Employee Retired

Re: UTM9 Mac OSX Sierra - IPSec VPN

Hi flattened,

 

Kindly access the article below and it might help:

 

Mac OS X VPN Client install with ProSAFE VPN Firewall/Router

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 2 of 14
flattened
Apprentice

Re: UTM9 Mac OSX Sierra - IPSec VPN

Hello Dane,

 

Thank you very much for this guide, I have followed it to the letter. A connection is established but I still cannot access any resources. I guess there are more steps for me to take now? A static route? A mode config?

 

I disclose right now that I really do not understand IPSec tunnels and have been forced down this route by the latest Mac OS release and our client insisting that he use it ... The previous PPTP connection that he had in El Capitan is now deprecated/removed in this latest 'Sierra' release.

Message 3 of 14
DaneA
NETGEAR Employee Retired

Re: UTM9 Mac OSX Sierra - IPSec VPN

Hi flattened,

 

Let me share the old forum link below.  There are a lot of suggestions you can try.

 

https://community.netgear.com/t5/VPN-Firewalls/Mac-OS-X-Yosemite-VPN-setup/td-p/985348

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 4 of 14
flattened
Apprentice

Re: UTM9 Mac OSX Sierra - IPSec VPN

Still no luck, I'm going around in circles as many of those links I had used previous to my post here. I am establishing the link (with either IPSecuritas or the Mac stock client) but I just cannot get to the devices on the internal network... I proper hate Apple.

Message 5 of 14
flattened
Apprentice

Re: UTM9 Mac OSX Sierra - IPSec VPN

Additionally I have noticed (I think) via the UTM logs that in the process of establishing the IPSec connection the IP address 192.168.10.10 comes into play somehow and I'm not entirely sure what it is.

I have used the "Diagnostics" and I can actually ping 192.168.10.10 using the "Ping through VPN tunnel" check box!

The local LAN is actually a 192.168.40.0/24 range.

I have redacted the calling public IP.

 

2016-10-12 14:02:33[UTM9S] IPsec-SA established[UDP encap 4500->4510]: ESP/Tunnel 192.168.10.10->x.x.x.x with spi=102136819(0x6167bf3)_
2016-10-12 14:02:33[UTM9S] [CONNECT] IPsec-SA established: ESP/Tunnel x.x.x.x->192.168.10.10 with spi=108165093(0x67277e5)_
2016-10-12 14:02:33[UTM9S] IPsec-SA established[UDP encap 4510->4500]: ESP/Tunnel x.x.x.x->192.168.10.10 with spi=108165093(0x67277e5)_
2016-10-12 14:02:33[UTM9S] Adjusting peer's encmode 61443(61443)->Tunnel(1)_
2016-10-12 14:02:33[UTM9S] No policy found, generating the policy : 20.0.0.71/32[0] 192.168.40.0/24[0] proto=any dir=in_
2016-10-12 14:02:33[UTM9S] Using IPsec SA configuration: 192.168.40.0/24<->0.0.0.0/0 from utm_remote1.com_
2016-10-12 14:02:33[UTM9S] Responding to new phase 2 negotiation: 192.168.10.10[0]<=>x.x.x.x[0]_
2016-10-12 14:02:32[UTM9S] purging spi=187648033._
2016-10-12 14:02:32[UTM9S] Sending Informational Exchange: notify payload[INITIAL-CONTACT]_
2016-10-12 14:02:32[UTM9S] ISAKMP-SA established for 192.168.10.10[4500]-x.x.x.x[4510] with spi:287fca8f27ace56e:4d9167164d0dc7dd_
2016-10-12 14:02:32[UTM9S] NAT detected: Local is behind a NAT device. and alsoPeer is behind a NAT device_
Message 6 of 14
DaneA
NETGEAR Employee Retired

Re: UTM9 Mac OSX Sierra - IPSec VPN

Hi flattened,

 

Have you tried using another MAC computer or a Windows PC and try to set up a client-to-box VPN with the UTM9s in order to isolate the problem? 

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 7 of 14
DaneA
NETGEAR Employee Retired

Re: UTM9 Mac OSX Sierra - IPSec VPN

Hi flattened,

 

Just want to follow-up on this.  Were you able to try using another MAC computer or a Windows PC and try to set up a client-to-box VPN with the UTM9s in order to isolate the problem?

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 8 of 14
flattened
Apprentice

Re: UTM9 Mac OSX Sierra - IPSec VPN

Hi Dane,

 

Sorry for the late responses, I am still working on this. I did manage to create a link on a Windows 10 laptop using Shrewsoft client and to do this I also had to alter the Netgear config in a way that made using the Mac even worse. We are getting another Mac onsite tomorrow that I will try with, we also have access to a UTM 25 to try.

Message 9 of 14
flattened
Apprentice

Re: UTM9 Mac OSX Sierra - IPSec VPN

Was able to establish a working connection between another Mac and another UTM 25 using the original guide. I still could not get the connection to pass traffic when using the new Mac and the original UTM however. Suspect the original UTM has a "problem", it is a production box though and working in all other respects so I'll have to see what I can do....

Message 10 of 14
DaneA
NETGEAR Employee Retired

Re: UTM9 Mac OSX Sierra - IPSec VPN

Hi flattened,

 

Thanks for the update. 🙂 

 

Here are my follow-up questions: 

 

a. Is the other MAC you have used a MAC OS X Sierra also?  

b. Using the other MAC you have mentioned, were you able to try to set up a client-to-box IPSec VPN connection with the UTM9s to isolate the problem?

 

 

Regards,

 

DaneA
NETGEAR Community Team

Message 11 of 14
flattened
Apprentice

Re: UTM9 Mac OSX Sierra - IPSec VPN

Hi Dane,

 

I'm really sorry but I had a complete and utter brain fart and the new Mac (this one on El Capitan) and another UTM 25 did not solve the problem after all. A complete mistake on my part.

I used the original document you posted and was able to connect the tunnel, get an IP address (supplied by the mode config) but I was unable to access the remote LAN in any way at all.

 

Back to the drawing board.

Message 12 of 14
Danthem
NETGEAR Employee

Re: UTM9 Mac OSX Sierra - IPSec VPN

Just to be sure, is your local subnet on the client side different from the LAN subnet you're trying to access on the UTM side of things?

 

Please also check for any "ANY"-service inbound rules on the UTM, if you can, disable all rules on the UTM temporarily for testing. If that helps, turn them on one by one to find out which one interferes.

 

Other things to check on the UTM side would be static routes.

Message 13 of 14
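
The subnet question in Message 13 can be checked against the log posted in Message 6. The following is an added example, not part of any post in this thread: it parses the policy lines copied from that log and tests whether a client-side subnet overlaps the LAN selector. The function names are hypothetical and the client subnets passed in are constructed values.

```python
import ipaddress
import re

# Lines copied from the log in Message 6 (peer address was redacted by the poster).
UTM_LOG = """\
2016-10-12 14:02:33[UTM9S] No policy found, generating the policy : 20.0.0.71/32[0] 192.168.40.0/24[0] proto=any dir=in_
2016-10-12 14:02:33[UTM9S] Using IPsec SA configuration: 192.168.40.0/24<->0.0.0.0/0 from utm_remote1.com_
2016-10-12 14:02:32[UTM9S] NAT detected: Local is behind a NAT device. and alsoPeer is behind a NAT device_
"""

POLICY_RE = re.compile(
    r"generating the policy : (\S+?)\[\d+\] (\S+?)\[\d+\] proto=\S+ dir=([a-z]+)")
SA_CONF_RE = re.compile(r"Using IPsec SA configuration: (\S+?)<->(\S+) from")


def parse_utm_log(text):
    """Pull the phase 2 selectors and NAT state out of UTM IPsec log text."""
    info = {"client": None, "lan": None, "dir": None,
            "sa_local": None, "sa_remote": None,
            "local_nat": False, "peer_nat": False}
    for line in text.splitlines():
        m = POLICY_RE.search(line)
        if m:
            info["client"] = ipaddress.ip_network(m.group(1))
            info["lan"] = ipaddress.ip_network(m.group(2))
            info["dir"] = m.group(3)
        m = SA_CONF_RE.search(line)
        if m:
            info["sa_local"] = ipaddress.ip_network(m.group(1))
            info["sa_remote"] = ipaddress.ip_network(m.group(2))
        if "NAT detected" in line:
            info["local_nat"] = "Local is behind a NAT" in line
            info["peer_nat"] = "Peer is behind a NAT" in line
    return info


def client_subnet_conflicts(info, client_local_subnet):
    """True if the client's own LAN overlaps the LAN selector in the policy.

    When the two overlap, the client treats those addresses as on-link and
    sends the traffic to its local network instead of into the tunnel.
    """
    local = ipaddress.ip_network(client_local_subnet, strict=False)
    return local.overlaps(info["lan"])


if __name__ == "__main__":
    parsed = parse_utm_log(UTM_LOG)
    print("policy:", parsed["client"], "->", parsed["lan"], "dir", parsed["dir"])
    # Constructed client-side subnets, not taken from the thread.
    for subnet in ("192.168.40.17/24", "10.0.1.0/24"):
        print(subnet, "conflicts:", client_subnet_conflicts(parsed, subnet))
```
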
flattened
Apprentice

Re: UTM9 Mac OSX Sierra - IPSec VPN

I'd like to end this as closed. We achieved the required result by reverting back to standard PPTP using a 3rd party paid app on the Mac called Shimo.

Message 14 of 14