DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Peer ID instead of IP Address
- gts
- Topic Author
- Offline
- New Member
Less
More
- Posts: 2
- Thank you received: 0
28 Aug 2020 18:01 #96988
by gts
Peer ID instead of IP Address was created by gts
Draytek 2860 VPN LT2P with IPSec Policy Must
Our remote users use Macs and can successfully connect, authenticating using username, password and IKE pre-shared key (Shared Secret on the Mac).
In the Specify Remote Node section, I enter the IP address of the remote user.
Whenever the IP address of the remote user changes, the IP needs to be updated.
I contacted Draytek support who told me that Peer ID can be used instead, by entering a hostname instead of the IP address. I tried creating a DDNS and using the hostname provided by no-ip.com but couldn't get it to work.
Any advice welcome, thanks in advance.
Our remote users use Macs and can successfully connect, authenticating using username, password and IKE pre-shared key (Shared Secret on the Mac).
In the Specify Remote Node section, I enter the IP address of the remote user.
Whenever the IP address of the remote user changes, the IP needs to be updated.
I contacted Draytek support who told me that Peer ID can be used instead, by entering a hostname instead of the IP address. I tried creating a DDNS and using the hostname provided by no-ip.com but couldn't get it to work.
Any advice welcome, thanks in advance.
Please Log in or Create an account to join the conversation.
- hornbyp
- Offline
- Big Contributor
Less
More
- Posts: 1323
- Thank you received: 0
28 Aug 2020 18:15 #96990
by hornbyp
Replied by hornbyp on topic Re: Peer ID instead of IP Address
I've used this with "Lan to LAN" and the id is just an arbitrary string - not a hostname.
With "LAN to LAN", the string goes in the "IKE advanced settings" section of the Dial-out node, as "Local ID". For a Teleworker/Remote User, you would need to know the equivalent place to enter it, in whatever client software they are using.
With "LAN to LAN", the string goes in the "IKE advanced settings" section of the Dial-out node, as "Local ID". For a Teleworker/Remote User, you would need to know the equivalent place to enter it, in whatever client software they are using.
Please Log in or Create an account to join the conversation.
- gts
- Topic Author
- Offline
- New Member
Less
More
- Posts: 2
- Thank you received: 0
28 Aug 2020 18:22 #96991
by gts
I appreciate the response. The Mac VPN client software is built in to the OS, and doesn't appear to have any other authentication options other than username, password and shared secret.
Replied by gts on topic Re: Peer ID instead of IP Address
hornbyp wrote:
I've used this with "Lan to LAN" and the id is just an arbitrary string - not a hostname.
With "LAN to LAN", the string goes in the "IKE advanced settings" section of the Dial-out node, as "Local ID". For a Teleworker/Remote User, you would need to know the equivalent place to enter it, in whatever client software they are using.
I appreciate the response. The Mac VPN client software is built in to the OS, and doesn't appear to have any other authentication options other than username, password and shared secret.
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek