ER605 SHA2

ER605 SHA2

14 Reply
Re:ER605 SHA2
2024-05-25 09:48:21 - last edited 2024-05-27 01:00:48

  @ZIZOU94 

I did a google search but didn't find any answers. but you are not alone, there were many people who did not get the vpn to work since there is no dh group configuration on liveboks, you should contact liveboks to consult with them.

 

  0  
  0  
#12
Options
Re:ER605 SHA2
2024-05-25 09:59:18 - last edited 2024-05-27 01:00:48

  @MR.S this er605 is behind a box. it is necessary to open port on the box ?

  0  
  0  
#13
Options
Re:ER605 SHA2
2024-05-25 10:04:34 - last edited 2024-05-27 01:00:49

  @ZIZOU94 

yes normaly. but you cant only open port you have to port nat in to ER605. 

 

UDP port 500 for Internet Key Exchange (IKE) to manage encryption keys, and UDP port 4500 for IPSec NAT-Traversal (NAT-T).

 

but if posilbe its bether to set the box in bridge mode or remove the box completely. I have removed my ISP router and replaced it with a omada router directly on internet.

 

mutch less problem..

 

 

 

  1  
  1  
#14
Options
Re:ER605 SHA2-Solution
2024-05-27 02:46:40 - last edited 2024-05-27 02:46:43

Hi @ZIZOU94 

Thanks for posting in our business forum.

Our senior member MR.S gave some very helpful insight and comments.

For a standard IPsec, in the IKE, you have three options to be filled.

 

SHA: Responsible for data integrity and authentication.

AES: Responsible for data encryption and decryption, ensuring communication confidentiality.

DH: Responsible for key exchange, ensuring both parties can securely generate a shared key.

 

You miss the DH group which should be specified before it starts to work.

Port forwarding is necessary as well if you set up IPsec S2S.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#15
Options