- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: UTM9 Mac OSX Sierra - IPSec VPN
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi all,
I have used the very useful PDF to enable a Mac on latest OS X Sierra to the UTM 9.
It even gets an IP address (as per the mode config).
But it cannot access or ping any devices on the network.
What have I screwed?
Cheers 🙂
Andy
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'd like to end this as closed. We achieved the required result by reverting back to standard PPTP using a 3rd party paid app on the Mac called Shimo.
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: UTM9 Mac OSX Sierra - IPSec VPN
Hi flattened,
Kindly access the article below and it might help:
Mac OS X VPN Client install with ProSAFE VPN Firewall/Router
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: UTM9 Mac OSX Sierra - IPSec VPN
Hello Dane,
Thankyou very much for this guide, I have followed it to the letter. A connection is established but I still cannot access any resources. I guess there are more steps for me to take now? A static route? A mode config?
I disclose right now that I really do not understand IPSec tunnels and have been forced down this route by the latest Mac OS release and our client insisting that he use it ... The previous PPTP connection that he had in El Capitan is now depreciated/removed in this latest 'Sierra' release.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: UTM9 Mac OSX Sierra - IPSec VPN
Hi flattened,
Let me share the old forum link below. There are a lot of suggestions you can try.
https://community.netgear.com/t5/VPN-Firewalls/Mac-OS-X-Yosemite-VPN-setup/td-p/985348
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: UTM9 Mac OSX Sierra - IPSec VPN
Still no luck, I'm going around in circles as many of those links I had used previous to my post here. I am establishing the link (with either IPSecuritas or the Mac stock client) but I just cannot get to the devices on the internal network... I proper hate Apple.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: UTM9 Mac OSX Sierra - IPSec VPN
Additionally I have nothiced (I think) via the UTM logs that in the process of establising the IPSec connection that there IP address 192.168.10.10 comes into play somehow and I'm not entirely sure what it is.
I have used the "DIagnostics" and I can actually ping 192.168.10.10 using "Ping through VPN tunnel" check box!
The local LAN is actually a 192.168.40.0/24 range.
I have redacted the calling public IP.
2016-10-12 14:02:33 | [UTM9S] IPsec-SA established[UDP encap 4500->4510]: ESP/Tunnel 192.168.10.10->x.x.x.x with spi=102136819(0x6167bf3)_ |
2016-10-12 14:02:33 | [UTM9S] [CONNECT] IPsec-SA established: ESP/Tunnel x.x.x.x->192.168.10.10 with spi=108165093(0x67277e5)_ |
2016-10-12 14:02:33 | [UTM9S] IPsec-SA established[UDP encap 4510->4500]: ESP/Tunnel x.x.x.x->192.168.10.10 with spi=108165093(0x67277e5)_ |
2016-10-12 14:02:33 | [UTM9S] Adjusting peer's encmode 61443(61443)->Tunnel(1)_ |
2016-10-12 14:02:33 | [UTM9S] No policy found, generating the policy : 20.0.0.71/32[0] 192.168.40.0/24[0] proto=any dir=in_ |
2016-10-12 14:02:33 | [UTM9S] Using IPsec SA configuration: 192.168.40.0/24<->0.0.0.0/0 from utm_remote1.com_ |
2016-10-12 14:02:33 | [UTM9S] Responding to new phase 2 negotiation: 192.168.10.10[0]<=>x.x.x.x[0]_ |
2016-10-12 14:02:32 | [UTM9S] purging spi=187648033._ |
2016-10-12 14:02:32 | [UTM9S] Sending Informational Exchange: notify payload[INITIAL-CONTACT]_ |
2016-10-12 14:02:32 | [UTM9S] ISAKMP-SA established for 192.168.10.10[4500]-x.x.x.x[4510] with spi:287fca8f27ace56e:4d9167164d0dc7dd_ |
2016-10-12 14:02:32 | [UTM9S] NAT detected: Local is behind a NAT device. and alsoPeer is behind a NAT device_ |
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: UTM9 Mac OSX Sierra - IPSec VPN
Hi flattened,
Have you tried using another MAC computer or a Windows PC and try to set up a client-to-box VPN with the UTM9s in order to isolate the problem?
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: UTM9 Mac OSX Sierra - IPSec VPN
Hi flattened,
Just want to follow-up on this. Were you able to try using another MAC computer or a Windows PC and try to set up a client-to-box VPN with the UTM9s in order to isolate the problem?
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: UTM9 Mac OSX Sierra - IPSec VPN
Hi Dane,
Sorry for the late responses, I am still working on this. I did manage to create a link on a WIndows 10 laptop using Shrewsoft client and to do this I also had to alter the Netgear config in a way that made using the Mac even worse. We are getting another Mac onsite tomorrow that I will try with, we also have access to a UTM 25 to try.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: UTM9 Mac OSX Sierra - IPSec VPN
Was able to establish a working connection between another Mac and another UTM 25 using the orginal guide. I still could not get the connection to pass traffic when using the new Mac and the original UTM however. Suspect the orgiginal UTM has a "problem", it is a production box though and working in all other respects so I'll have to see what I can do....
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: UTM9 Mac OSX Sierra - IPSec VPN
Hi flattened,
Thanks for the update. 🙂
Here are my follow-up questions:
a. Is the other MAC you have used a MAC OS X Sierra also?
b. Using the other MAC you have mentioned, were you able to try to set up an client-to-box IPSec VPN connection with the UTM9s to isolate the problem?
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: UTM9 Mac OSX Sierra - IPSec VPN
Hi Dane,
I'm really sorrry but I had a complete and utter brain fart and the new Mac (this one on El Capitan) and another UTM 25 did not solve the problem after all. A complete mistake on my part.
I used the original document you posted and was able to connect the tunnel, get an IP address (supplied by the mode config) but I was unable to access the remote LAN in any way at all.
Back to the drawing board.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: UTM9 Mac OSX Sierra - IPSec VPN
Just to be sure, is your local subnet on the client side different from the LAN subnet you're trying to access on the UTM side of things?
Please also check for any "ANY"-service inbound rules on the UTM, if you can, disable all rules on the UTM temporarily for testing. If that helps, turn them on one by one to find out which one interfers.
Other things to check on the UTM side would be static routes.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'd like to end this as closed. We achieved the required result by reverting back to standard PPTP using a 3rd party paid app on the Mac called Shimo.