We finally got the Symantec VPN working with Mac OS X. Symantec sent us a beta firmware update that seemed to do the trick. Here are the instructions on setting up the Mac OS 10.3 VaporSec VPN client to work with the Symantec Firewall/VPN 200R model. 1. Download the VaporSec software from
http://www.afp548.com/Software/VaporSec/ 2. After you download the software, drag the application into your applications folder 3. Double click on the VaporSec application within your application folder 4. Note: After you open it, the application might popup an apple script error. Just let the application make its noise and when it is done, enter in your desires password. Then click done. It will take you to the setup screen 5. This is the
next screen you should see. Click the Add button on the bottom left of this dialog box. 6. After you click add, you should see the
following screen. Enter in any name into the Connection Name field (example: Office VPN). In the Remote IPSec device field enter your IP address or the domain name to connect to your office's network (your public IP address). In the Remote Network field enter in your local IP address (i.e. 192.168.1.1) followed by a /24, so it should look something like 192.168.1.1/24. Enter in the Local Network Mask 32. Then for the Shared Secret field enter in your Pre-Shared Key (this can be found in the client identities in the Symantec firewall configuration. Leave the Local IP field blank, set the Mode to aggressive, and set the Proposal Check to claim. Enter in the number 16 into the Nonce Size. 7. After you fill out the information in the “Main” tab, click on the “Phase 1” tab. You will see the screen change to
this screen shot. The information above the tabs should remain the same. In the Lifetime field enter in 480 and change the pull down on the right of the lifetime to minutes. In the DH Group field change the number to 1. In the Encryption field change the field to des. And in the authentication field change it to md5. 8. After you fill out the information in the “Phase 1” tab, click on the “Phase 2” tab. You will see the screen change to
this screen shot. The information above the tabs should remain the same. In the Lifetime field enter in 1080 and change the pull down on the right of the lifetime to minutes. In the PFS Group field change the number to 1. In the Encryption field change the field to des. And in the authentication field change it to hmac_md5. 9. After you fill out the information in the “Phase 2” tab, click on the “ID” tab. You will see the screen change to
this screen shot. The information above the tabs should remain the same. For the Local section, check the first radio button and enter in your email address or the email address you set up in the Symantec firewall client identity user list. Make sure to also check off the address radio button in the remote section of this page. Now click “Done”. And you should be set. 10. Click on Vaporize button and it should connect to your VPN. Use Terminal and ping your office's local IP address to see if your connected. If your not, then your router might be blocking your IPSec Pass Through Port. Update: 2/18/04 Symantec responded to our walk through and added more detail to it. Update: 03/31/04 Removed the link because Symantec might sue me for posting their document on this site. I think this is a bit overboard, all I am trying to do is to make sure the Symantec Mac users have the information they need. Wouldn't you think Symantec would prefer their customer find the information on their own instead of calling customer service. Plus, RustyBrick came up with this solution and sent it to Symantec. Legal people, ehhh.
2 OLDER COMMENTS
posted by William on: Mar 10, 2005 12:20am
Hi, Great site! I have a VPN 200R and was wondering if someone could either EMail me or point me in the direction of the Firmware patch(Symantec lists it as revision 1.7i) seeing as I could not find a way to contact Symantec for the firmware update. I would love to use the VPN option on this device with a Mac. Thanks, William
posted by feldi on: Jul 24, 2008 04:12am
Hi there! I know, it's quite a long time ago that the VPN 200R was up and supported by Symantec, but I got a VPN 200R to use in my private office just now. My firewall is running with the firmware V1 Rel 8F, I guess a very old one. In this blog, I read about the firmware 1.7x and was wondering, if you or someone else can give me a hand to get this. I am very interested, to get a VPN conncection with my PowerMac G5, MacOS 10.4. It would be great to get some help. With best regards feldi
1 COMMENT