IPsec VPN from Windows to Vigor Router using Aggressive mode

IPsec VPN in Aggressive mode can establish between Windows and Vigor Router with peer IDs and pre-shared key by using Shrew VPN Client. This article demonstrates how to create an IPsec tunnel between Vigor Router and Windows.

Router Setup

1. Go to VPN and Remote Access >> Remote Dial-in User.

  1. Enable this account.
  2. Allow IPsec tunnel as dial-in type.
  3. Enable Specify Remote Node.
  4. Enter Peer ID. a screenshot of DrayOS IPsec Remote Dial-in user setup
  5. Click IKE Pre-Shared Key.
    1. Enter Pre-Shared Key.
    2. Click OK.
  6. Click OK to save.

    a screenshot of DrayOS IKE Authentication method setup

Windows Client Setup

1. Download Shrew Soft VPN Client

2. Open VPN Access Manager.

  1. Click Add. a screenshot of VPN Access Manager
  2. In general setup,
    1. Enter router domain or WAN IP as VPN Hostname or Server IP.
    2. Disable Auto Configuration.
    3. Select Using an existing adapter and current address. a screenshot of VPN Access Manager
  3. In Name Resolution setup, disable all checkbox. a screenshot of VPN Access Manager
  4. In Authentication setup,
    1. Select “Mutual PSK”.
    2. Set identification to “Fully Qualified Domain Name” for local identity.
    3. Enter FQDN String as peer ID. a screenshot of VPN Access Manager
  5. In Phase1 setup, select aggressive mode.
  6. Click Save. a screenshot of VPN Access Manager
  7. Click the saved VPN Client and connect button to create IPSec tunnel.

Finally, VPN Connect will show the message.

a screenshot of VPN Access Manager

Then ping remote network to trigger the VPN tunnel.

a screenshot of Windows Command prompt window

And Vigor Router shows VPN status on VPN and Remote Access >> Connection Management page.

a screenshot DrayOS VPN connection status

Published On:2019-07-02 

Was this helpful?