< Knowledge Base

L2TP over IPsec VPN from macOS to Vigor Router

Published On: Jun 29, 2016 

This article demonstrates how to set up Vigor Router as a VPN server for L2TP over IPsec VPN and how to start the VPN from macOS.

VPN Setup on Vigor Router

1. Go to VPN and Remote Access >> IPsec General Setup, enter and confirm the Pre-Shared Key, then click OK. 

a screenshot of DrayOS

2. Go to VPN and Remote Access >> Remote Dial-in User, click on an index available to create a new account:

  • Enable this account,
  • enable "L2TP with IPSec" for Allowed Dial-in Type and select "Must" for IPsec Policy,
  • enter User Name and Password,
  • click OK to save.
a screenshot of DrayOS

3. If the VPN user is online, you will see VPN connection status at VPN and Remote Access >> Connection Management.

a screenshot of DrayOS VPN Status

1. Go to User Management >> User Profile, add a profile as follows:

  • enter Username,
  • check Enable,
  • enter Password,
  • select "Enable" for L2TP Dial-in,
  • click Apply.
  a screenshot of Vigor3900

2. Go to VPN and Remote Access >> Remote Access Control,

  • make sure Enable L2TP VPN Service is checked,
  • select "L2TP over IPsec" for IPsec Remote Dial-In Service, 
  • click Apply
a screenshot of Vigor3900

3. Go to VPN and Remote Access >> IPsec General Setup, enter a Preshared Key then click Apply.

a screenshot of Vigor3900

4. If the VPN user is online, you will see VPN connection status at VPN and Remote Access >> Connection Management.

a screenshot of Vigor3900
Connecting VPN from macOS

1. Go to System Preferences >> Network.

a screenshot of macOS

2. Click + to add a new network and edit the profile as follows:

  • Select VPN for Interface
  • Select "L2TP over IPSec" for VPN Type
  • Enter a Service Name
  • Click Create.
a screenshot of macOS

3. Enter Server Address as the WAN IP of the router and Account Name as the username in the router's user profile. Then, click Authentication Settings.

a screenshot of macOS

4. Select "Password" for User Authentication and enter the password in the user profile. For Machine Authentication, select "Shared Secret" and enter the pre-shared key set in the router's IPsec General Setup.

a screenshot of macOS

5. Click Apply, then Connect. And wait for the connection to establish.

a screenshot of macOS

6. When seeing this status, you are connecting to the VPN server successfully.

a screenshot of macOS

We can use Terminal to verify the connection by ping the local IP on the remote network.

a screenshot of macOS terminal

Was this helpful?     


Related Articles