1 of 1 people found this helpful
Just to be clear, are you trying to connect from the Mac to the SG580 using PPTP, or do you want to configure an IPSec connection?
For PPTP, there are pretty good instructions here: https://www.vpnuk.info/docs/setup-mac-pptp.pdf
For PPTP, being on a dynamic IP shouldn't matter (unless you're doing any IP filtering). For IPSec, the (my) thread at http://community.mcafee.com/thread/20069?tstart=0 might be helpful, or search on IPSec and dynamic and see what pops up currently...
Thanks for the reply Graham. Got it working finally: for anyone else interested the solution was to set up the Snapgear side using the images linked to in this thread: http://community.mcafee.com/message/112219 and then use the OSX built in VPN connection maker in Network Connections which only requires the username (account name in OSX), password (in authentication) and server address. For some reason I had no luck connecting with IPSecuritas.
if you are behind a NAT device ( which undoubtedly are ), you will need to use aggressive mode and specify ID's
Argh... I thought I had it working but it turns out I can only access the snapgear on the internal network, I can't even ping any of our servers including the one that the VPN PPP connection pulled through as the DNS server for the network.
The status on the Snapgear web admin shows the tunnel status as Negotiating Phase 1, the log shows STATE_MAIN_I1 (sent MI1, expecting MR1); born:0s; EVENT_RETRANSMIT in 17s
This message means the UTM has sent the 1st Main mode packet, and is expecting a response but not getting one. As such the tunnel is not up
have you tried aggressive mode. It is far friendlier
Thanks Ross, I've enabled Aggressive mode and have set an endpoint ID in the snapgear tunnel settings but I'm getting still stuck at Negotiating Phase 1 and only able to access the snapgear itself, not the rest of the network. Do you know how I could enter the matching endpoint ID into the client machine? The link that Graham posted earlier shows the configuration options available to OSX - https://www.vpnuk.info/docs/setup-mac-pptp.pdf. They're not that different from the windows options and we've got Windows XP clients connecting to this sort of tunnel. The only difference is for windows we're using MD5 & OSX is using SHA type tunnels in the snapgear to get through the initial authorisation on the client side.
Is there a step by step guide available for this situation?
Edit: Just for clarity, on the snapgear configuration under Local Endpoint Settings I have not specified anything under Optional Endpoint ID. Under Remote Endpoint Settings I have listed in the Required Endpoint ID a value in the format firstname.lastname@example.org. On the client side there is no field listed for Endpoint ID as shown in the link above.
the syslog should assist.
can you post the relevant syslog entries here ?
they will be prefixed with 'pluto'