NEW OXO CONNECT VPN PHONES

Post Reply
User avatar
selectt
Member
Posts: 150
Joined: 04 Jan 2010 05:50

NEW OXO CONNECT VPN PHONES

Post by selectt » 26 Jun 2017 04:22

Hi I have just installed the new 210 oxo connect sw with apparently the bug fix for VPN phones.

I have followed the document with the approved FORNIGATE vpn server, which I don't have as yet, but tried to create the link with a DRAYTEK.

Site A being the main site with the OXO and site B being the remote site I managed to connect a pc with VPN dial up via windows no problem username password etc.

I then set up the 8018 set with the relevant details , IP address of OXO , remote Public ip address and PSK etc , booted the phone and get to the stage of asking for the username and password but does not connect.

Site A's draytek VPN logs show an attempts to connect but it doesn't connect. I guess it should login into remote network then communicate to the OXOs CPU, but it isn't.

any ideas in principle this should work.

mgoegel
Member
Posts: 246
Joined: 12 Feb 2007 12:18
Location: Germany

Re: NEW OXO CONNECT VPN PHONES

Post by mgoegel » 26 Jul 2017 18:13

Hi selectt,

I managed to connect the phone with a pfSense appliance, but this isn't really a solution.
The phone sends every 2 hours a IPSEC REKEY request, to switch the encryption keys. The pfSense doesn't seem to handle this one correctly. The VPN breaks and phone resets - which will take much longer on the s Series.

I made a short search for other router IPSEC parameters. For Draytek I found only support of AES256 & SHA-1 with IKE v1. So it won't work.

The required IPSEC parameters are in short:

Phase 1:
IKEv1 - main
PSK
AES256-SHA256 (seems to be AKA as SHA2)

Phase 2:
AES256-SHA256

Dead Peer Detection should 5 seconds.

Newer Lancom router should support these parameters, but I hadn't one yet.

For the moment you have to stay at the Fortigate.

Regards Mario

User avatar
selectt
Member
Posts: 150
Joined: 04 Jan 2010 05:50

Re: NEW OXO CONNECT VPN PHONES

Post by selectt » 01 Nov 2017 19:11

thanks for the reply I eventually got it working with the fortinet

Post Reply

Return to “Networking”