I need to configure the Cisco VPN 3.6.x Windows client to connect to a Netgear FVS318 firewall. The proposal I need to use is IKE-3DES-MD5 using Diffie-Hellman Group 2 and a preshared key. The Netgear FVS318 does not allow for any usernames or groups.
The proposal should be:
Authentication method: preshared key
Encryp Alg: 3DES
Hash Alg: MD5
SA life: Unspecified
Key group: DH 2
Can someone give me instructions on configuring the client for this? I'm not sure how to do it by editing the vpnclient.ini and connection.pcf files. Thanks so much.
First off, I doubt this will work cause the VPN client does some prorietary XAuth stuff with the groups, etc. We don't test our client with any other vendor and we certainly don't support it, so I'd be surprised if you were able to get a connection going.
Having said that, you can change the DH group in the .pcf file, but other than that the client will automatically try every combination of 3DES/DES/SHA/MD5 until it gets a match, I don't believe you can specify these directly. If the above parameters are what the NetGear is expecting, then the client will certainly propose that combination. As I said though, I would doubt you'll get much further with it.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...