Page 1 of 2 12 LastLast
Results 1 to 10 of 15
  1. #1
    Untangle Ninja
    Join Date
    Jan 2009
    Posts
    1,186

    Default Connecting without the secret.

    Because of my issue connecting to Untangle v11 with ios I fired up a Win 8.1 instance and used the built in vpn client, I selected the Microsoft option from the dropdown. It was curious that it does not have the option for the secret in the L2TP settings, but I guess that doesn't matter because I was able to establish a connection with both Untangle v10 and v11 with only the username and password.

    So now I'm thoroughly confused.

    Untangle v10; ios connects via l2tp with the secret, the ios client requires the secret, win 8.1 connects via l2tp without the secret.

    Untangle v11; ios fails to connect via l2tp, win 8.1 connects via l2tp without the secret.

  2. #2
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    Location
    York, NE
    Posts
    1,895

    Default

    I'e always needed the secret on Windows. It goes here:

    secret.png

    The capture was done from Windows 8.1
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 16.4.1 to protect 500Mbits for ~450 residential college students and associated staff and faculty

  3. #3
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,813

    Default

    I never understood why Windows does not ask/offer option to enter the secret in the Windows L2TP wizard. Instead it has to be setup after it is created.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #4
    Untangle Ninja
    Join Date
    Jan 2009
    Posts
    1,186

    Default

    Quote Originally Posted by jcoffin View Post
    I never understood why Windows does not ask/offer option to enter the secret in the Windows L2TP wizard. Instead it has to be setup after it is created.
    I don't understand why the Untangle server allowed a connection and access to its network without the secret.

  5. #5
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,813

    Default

    Quote Originally Posted by fasttech View Post
    I don't understand why the Untangle server allowed a connection and access to its network without the secret.
    I bet traffic would not pass.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  6. #6
    Untangle Ninja
    Join Date
    Jan 2009
    Posts
    1,186

    Default

    Quote Originally Posted by jcoffin View Post
    I bet traffic would not pass.
    Except I logged into that v10 Untangle server gui on its internal ip to look at the logs, from across town.

    I appears the Android and iOS clients require the secret to accept the settings before the user can even attempt connection, so one would never realize the server would accept connection without the secret.

    Since the win 8 wizard doesn't require the secret, well... I've been using the openvpn module in Untangle for my clients for years, I only installed the ipsec module in the last couple of weeks because I wanted shell access from my iphone.

    So, I'm not really familiar with the ipsec workings, but accepting connections without the secret, psk, this seems a little weird to me, and this was all because I haven't been able to figure out why I can connect to v10 but not v11 with the iphone.
    Last edited by fasttech; 12-04-2014 at 10:35 AM.

  7. #7
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,813

    Default

    Quote Originally Posted by fasttech View Post
    Except I logged into that v10 Untangle server gui on its internal ip to look at the logs, from across town.
    Humm, I'll have to look into that.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  8. #8
    Untangle Ninja
    Join Date
    Jan 2009
    Posts
    1,186

    Default

    l2tpprop.png

    I had wiped all the vpn connections from the win 8.1 tablet yesterday, I just used the wizard to create a new connection, selected Microsoft for the provider, entered the server and used the local directory user and pwd under type of sign in, I'm on the other side of town, I connected and opened up the gui for one of the local servers, then screen shot the properties as is, no psk, secret.

    Shrug.
    Last edited by fasttech; 12-04-2014 at 12:29 PM.

  9. #9
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,813

    Default

    Quote Originally Posted by fasttech View Post
    l2tpprop.png

    I had wiped all the vpn connections from the win 8.1 tablet yesterday, I just used the wizard to create a new connection, selected Microsoft for the provider, entered the server and used the local directory user and pwd under type of sign in, I'm on the other side of town, I connected and opened up the gui for one of the local servers, then screen shot the properties as is, no psk, secret.

    Shrug.
    You have Data Encryption set to Optional encryption so the server password is never asked during the connection phase. Basically it's a PPTP connection which is in the clear.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  10. #10
    Untangle Ninja
    Join Date
    Jan 2009
    Posts
    1,186

    Default

    Quote Originally Posted by jcoffin View Post
    You have Data Encryption set to Optional encryption so the server password is never asked during the connection phase. Basically it's a PPTP connection which is in the clear.

    Uh huh.

    So, my next question is, where do I find the checkbox that sets the server to force the submission of the psk and doesn't allow the average user to use the win 8.1 wizard to create a connection without it?

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2