Archive
Client VPN OS Configuration
logo
Archive

No results found

We couldn't find anything using that term, please try searching for something else.

Client VPN OS Configuration

2024-11-13 This article outlines instructions to configure a client VPN connection on commonly used operating systems. Learn free online training courses Mera

Related articles

Best Free VPN for Iran
Best Free VPN for Iran The Iranian government imposes strict internet restrictions,blocking numerous apps like Facebook,Twitter,and YouTube and closely monitoring user activities. To overcome these issues,using the best free VPN for Iran is the best option,as around 80 % of online medium user are doing. The best free VPN services ensure access to blocked websites and protecting privacy. However,no-cost VPNs come with limitations,so for a secure connection,using a VPN with a money-back policy is the best option. After testing,I found ExpressVPN is the best one. It offers fast speeds and nearby servers to Iran for unblocking restricted sites. It provides a special version for Windows,Mac,and...
Installing NordVPN application on macOS
Installing NordVPN application on macOS The first step towards online security is setting up NordVPN correctly. Follow these simple steps to install the NordVPN app  connect VPN server . Note: NordVPN supports macOS 11 Big Sur, macOS 12 Monterey, macOS 13 Ventura, and macOS Sanoma 14 and above. Attention: If you encounter issues during the installation of NordVPN on macOS Ventura, please refer to the following guide for a possible solution: macOS Ventura Error: The Installation Failed. Table of contents: Downloading and installingSetting applicationConnecting to servers NordVPN is features features menu NordVPN settings Downloading and installing Download NordVPN for macOS.Alternatively, click here to download the latest macOS version.  Navigate...
SoftEther VPN Server 配置 (含本机作为server 以及 vps 作为server)
SoftEther VPN Server 配置 (含本机作为server 以及 vps 作为server) 方式1:在本地计算机搭建server 缘由以及可行性 工作室的台式机可以方便地通过有线网访问v6,具体就是双网卡模式: 将有线网卡的v4协议去掉,就不会弹出登录界面,同时有线网卡的v6还可以照常使用。 而v4的网通过路由器即可使用 因此可以将台式机作为 VPN Server,这样我的其他设备如笔记本,手机等都可以方便地用v6了。 台式机服务器端设置 好了开始折腾,自备梯子下载好SoftEther VPN Server之后,安装。 下面进行配置。 下面介绍官网介绍的方式。 打开软件之后,点击“连接”,就会弹出一个界面(当然我这个是设置过的,凑合看): 默认是用local host作为server,上面我提到的vps server作为host的话就要填入vps server的主机名端口号和密码,用local host作server的话只需要设置密码就行了。 然后弹出来一堆设置,大概按照 官网介绍 的设置就行了。 注意我们只需要一个virtual hub就行了,我将其命名为VPN, 如下图: 设置登录用户的随便设,反正我设了好几个,用密码验证就行。 这些东西一开始设错了没事,反正最后给我们一个主界面上面,都可以回去修改,主界面如下图: 我们在本地网桥设置中,将hub和我的以太网适配器(即有线网卡)进行了桥接,这样有线网卡可以get到的资源,我们的vpn client都能get到了。 (不知道为啥我的台式机无线网卡没有出现在桥接列表里,不管他了,反正能用) 另外,我们需要设置虚拟nat和虚拟dhcp,在主界面点击“管理虚拟hub”,就出来了,然后在右下角就看到了。 然后启用securenat,此处的虚拟dhcp的网段可以设为我的台式机server段一样的网段,即192.168.1.10段,我看其他人没动,反正咋样都行吧。 主界面的动态dns可以设一个,后缀是.sedns.cn, 注意这个动态dns不知道为啥只能在局域网使用,也就是几乎没有意义,这时候我们需要点击主界面的 VPN Azure设置,得到一个.vpnazure.net的域名,这个才可以在外网访问我们的vpn,即内网穿透。 注意:得到vpnazure.net的域名之后,一般得等待一段时间(我是好几个小时吧)才能用,啥时候能用呢,就是你ping一下这个域名,全部能reply就行了。 (注意:这个vpnazure.net的域名仍然时好时坏,不稳定,哎,凑合用,不能用就拉倒,不捯饬了) 不过据说用vpnazure.net的话,所有流量都会去azure的服务器走一遍,所以速度有点问题,要是在内网用这个server的话,就老老实实用.sedns.cn吧 要想外网能访问,我们还需要在路由器上,将443端口映射到我的台式机上,这个选项一般在路由器的nat界面,端口转发或者端口映射。 配置好之后最好备份一下,点击主界面的“编辑设置”(在齿轮旁边),然后点击“保存到文件”,我们就备份好了,这样下次安装server的时候只需要在这个地方“导入文件并应用”就行了,这样上面设置的user啊,域名啊都是老样子了。 注:一个很好的参考https://blog.feixueacg.com/softethervpn-easyvpn/ 看了这个我懂了,原来server地方随意,我们打开的只是一个管理器。 客户端设置 在我的笔记本上安装SoftEther VPN Client,建立新连接,填入我们的vpnazure.net的域名,账户和密码,443端口,直接双击就能连接了。 题外话,如同server端有线网卡的设置,我们需要设置client端的虚拟网卡的v6 dns server,就用https://github.com/lennylxx/ipv6-hosts 页面给的两个server就行了。还有client本地的host也设置成以上的链接中的host。 由于在服务器端同时设置了本地网桥和secure nat,因此可以可以使用v6. 方式2:在vps上搭建server 服务器端 我发现有人采用vps的方式,即在其他地方搭一个vps server(如各种云主机),在该vps server 上安装SoftEther VPN Server,同时在工本地电脑上 安装SoftEther VPN server 端管理器就行了 我申请了digitalocean的一个主机,在上面搭建了softether server,为了省钱搞了个512的内存 基本操作可以参考 这个链接 我只是用它自己建了个hub: HubCreate VPN 以及 SecureNatEnable 但这个连接貌似不太靠谱,还是暂时不要用了 我是按照 跨网组建大型局域网之SoftEther VPN的搭建与连接 这个来的 其它类似开机自启啥的我都懒得设置了,反正服务器基本上一直开着的。 注意我按照跨网组建大型局域网之SoftEther VPN的搭建与连接这个连接设置的,在协议设置窗口那里,只勾选了第一个框即`remote access vpn server”,没有勾选第二个,因此就没有必要设置本地网桥(还是别设了) dns server的设置 由于某种特殊的原因dns server的设置非常有必要,注意两个原则 要么让vpn client端设置dns server,要么在vpn server那里设置dns server,两者必选其一 先说第一种方案,在vpn client端设置dns server: 用 softether...

This article outlines instructions to configure a client VPN connection on commonly used operating systems.

Learn free online training courses Meraki Learning Hub :

Sign in with your Cisco SSO or create a free account to start training.

Android

Note:Android devices running Android 12 and above do not support Layer 2 Tunneling Protocol/Internet Protocol Security (L2TP/IPsec) VPNs. Devices with existing configurations will continue to work. Client VPN connection cannot be configured on new devices.

To check the Android version of a device, see Check & update your Android version in Google Support.

To configure an Android device to connect to the client VPN, see Connect to a virtual private network (VPN) on Android in Google Support.

following VPN information needed complete setup :

  • Name:This can be anything you want to name the connection, for example, “Work VPN
  • Type:Select L2TP/IPSEC PSK
  • Server address:Enter hostname ( example :   abcd.com )   active WAN IP(for example: a.b.c.d)
    • Hostname is preferred to improve reliability during WAN failover
    • This information is located in the Meraki dashboard under Security & SD-WAN> Monitor > Appliance status
  • IPSec pre – shared key:Enter pre-shared key that admin created in Security & SD-WANConfigure > Client VPN 

Chrome OS

To configure a Chrome OS device to connect to client VPN, see Set up virtual private networks (VPNs) in Google Support.

following VPN information needed complete setup :

  • Service name:This can be anything you want to name this connection, for example, “Work VPN
  • Provider type:Select L2TP/IPsec
  • Server hostname:Enter hostname ( example :   abcd.com )   active WAN IP(for example: a.b.c.d)
    • Hostname is preferred to improve reliability during WAN failover
    • information located Meraki dashboard  Security & SD-WAN> Monitor > Appliance status
  • Authentication type:   Select  Pre – shared key
  • Username: Credentials connecting VPN—if using Meraki authentication, this will be an email address
  • Password: Credentials connecting VPN
  • Pre – shared key:Enter shared secret that admin created in Security & SD-WAN> Configure > Client VPN

To configure an iOS device to connect to the client VPN, follow these steps:

  1. Navigate to Settings> General > VPN & Device Management> VPN > Add VPN Configuration
  2. Type:Set to L2TP
  3. Description:This can be anything you want to name this connection, for example, “Work VPN
  4. Server: Enter hostname ( example :   abcd.com )   active WAN IP(for example: a.b.c.d)
    • Hostname is preferred to improve reliability during WAN failover
    • information located Meraki dashboard  Security & SD-WAN> Monitor > Appliance status
  5. Account:Enter username
  6. Password:Enter   desired
    • If the password is left blank, it will need to be entered each time the device attempts to connect to the client VPN
  7. Secret:Enter shared secret that admin created in Security & SD-WAN> Configure > Client VPN
  8. Ensure that Send All Trafficis set to on
  9. Save the configuration

macOS

The following authentication methods are supported:

  • User authentication:Active Directory (AD), RADIUS, or Meraki-hosted authentication
  • Machine authentication:Preshared keys (for example: shared secret)

When using Meraki-hosted authentication, the VPN account and username setting is the user email address entered in the Meraki dashboard.

To configure a macOS device to connect to client VPN, see Set up a VPN connection on Mac in Apple Support.

The following VPN information is needed:

  • Display:This can be anything you want to name this connection, for example, “Work VPN
  • Server Address :  Enter hostname ( example :   abcd.com )   active WAN IP(for example: a.b.c.d)
    • Hostname is preferred to improve reliability during WAN failover
    • information located Meraki dashboard    Security & SD-WAN> Monitor > Appliance status
  • Account Name:Enter account name of the user (based on AD, RADIUS, or Meraki cloud authentication)
  • Password:User password (based on AD, RADIUS or Meraki cloud authentication)
  • Machine Authentication > Shared Secret:Enter shared secret that admin created in Security & SD-WAN> Configure > Client VPN 

The following authentication methods are supported:

  • User authentication:Active Directory (AD), RADIUS, or Meraki-hosted authentication
  • Machine authentication:Pre – shared keys

When using Meraki-hosted authentication, the VPN account and username setting is the user email address entered in the Meraki dashboard.

following VPN information needed complete setup :

  • VPN provider: Set to Windows (built-in)
  • Connection name:This can be anything you want to name this connection, for example, “Work VPN”
  • Server address: Enter hostname ( example :   abcd.com )   active WAN IP(for example: a.b.c.d)
    • Hostname is preferred to improve reliability during WAN failover
    • information located Meraki dashboard  Security & SD-WAN> Monitor > Appliance status
  • VPN type: Select L2TP/IPsecwith pre-shared key
  • User nameand Password: optional

After the VPN connection has been created, set the Authentication protocols:

  1. Choose the VPN connection and then select Advanced options >Adapter SettingsNote:  Alternatively , run  ncpa.cpldirectly from Search or Command prompt to quickly access your VPN adapters.
  2. In the Security  tab , selectRequire encryption (disconnect if sever declines) under Data encryption
  3. UnderAuthentication select Allow these protocols and select Unencrypted password (PAP)
  4. Verify that no other protocols are selected

 

 

Passwords sent over an IPsec tunnel between the client device and the MX are always encrypted, even when using PAP authentication protocols. The password is fully secure and never sent in clear text over the WAN or the LAN.

Linux

configure Red Hat Linux   device connect client VPN , Configuring VPN connection Red Hat Documentation .

To configure an Ubuntu Linux device to connect to client VPN, see Connect to a VPN in Ubuntu Documentation.

The following packages, and their dependencies, are minimum requirements for Linux:

  • xl2tpd to implement L2TP
  • strongswan or libreswan to implement IPSec

GUI management of the connection requires the network-manager-l2tp-gnome VPN plugin.