8392 questions

9870 answers


14140 members

0 votes
97 views 1 comments
Hello. Please clarify feature IPSEC XAUTH. Is it for Authentication "PSK+XAuth"?

In IPSEC tunnel settings I see new field "Xauth identity" - i think it is user name, but where I store user password?

P.S. I want to set up IPSEC Dial-up VPN tunnel from Teltonika RUTXR1 to Fortigate VM (v7), where Teltonika will be authenticated with PSK and user credentials.

2 Answers

0 votes
So, after few tries, I set up Site to Site tunnel with PSK and XAuth. RUTXR side are behind NAT with private IP, this means Aggressive mode, and XAuth require IKEv1. SITE2 - id for IPsec tunnel and site_s2 - are user login for authentication, which must exist on remote VPN server.

So to provision such setup, turn on Multiple Secrets switch and enter PSK and XAuth records for this tunnel under Global Secrets Settings.

Local Identifier: SITE2

SITE2 - PSK - "PSK string"

site_s2 - xauth - "user_password string"

XAuth identity: site_s2

P.S. Too bad attached pictures are sized to such small dimensions, what became unreadable.
Best answer
0 votes

In WebUI you can add xauth password in Global Secrets settings section, just choose xauth as the type and enter your password in "Secret" field.

Please clarify, what type of IPSEC tunnel are supported by xauth? I do not understood, is Teltonika router server or client?