Help

OSX Builtin IPSec Cisco VPN 10.11.4

danielslijper
New Contributor

Posted on ‎03-22-2016 11:54 AM

Hey all,

We have noticed that 10.10.4 seems to break newly added Cisco IPSec VPN configurations. We tried on different systems, different networks and different firewalls. Manual configurations as well as profiles don't work, only existing configurations continue to work.

My colleague @peterloobuyck already posted a bug report with Apple.

Has anyone else noticed this behaviour? We'll post any progress in the bug report here.

0 Kudos
Reply
3 REPLIES 3

peterlbk
Contributor

Posted on ‎03-22-2016 12:04 PM

Cheers, @danielslijper !

Bug report number 25296377 if anyone cares to check..

Cheers!

0 Kudos
Reply

brad
Contributor

Posted on ‎05-05-2016 09:57 AM

@danielslijper and @peterloobuyck ,

We just ran into this and we found that 10.11.4 updated the VPN client and it requires at 2048 or higher bit modulus. We changed our firewall to use a higher DH group number and now it works!

Good explanation here: http://www.cameronbrister.com/mac-os-x-10-11-4-breaks-some-cisco-ipsec-vpn-connections/

-Brad

0 Kudos
Reply

darrell_rennie
New Contributor II

Posted on ‎05-05-2016 11:05 AM

Same, just changed DH to 14, and all is working again!

0 Kudos
Reply