Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 3 subscribers
  • Views 1627 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

L2TP VPN with Big Sur Without a Subscription

Brian Allen

We have an SG210 that we use as a firewall for some of our servers, and we use the L2TP VPN. It meets our needs with a subscription and we've been very happy with the purchase.

Our L2TP VPN no longer works for iOS devices or Mac's with Big Sur.

I've seen the other threads detailing how to go to Remote Access -> IPsec -> L2TP-over-IPsec and remove "SHA2 256 (96 bit)" and add "SHA2 256".

The problem is if I try to go there it isn't allowed because we don't have a relevant subscription.

Is there another way to make that change? Like from the command line?

It doesn't make sense to have the L2TP VPN be usable without a subscription but not the settings that govern it's use.

Maybe a firmware update can move or copy the L2TP VPN settings like IPSec "authentication algorithm" to the Remote Access -> L2TP over IPsec page where they will still be accessible.

Thanks!



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community! 

    Could you please share the licensing detail from your firewall? Do you have a subscription for Network Protection? 

    Navigate to Management > Licensing > Overview. 

    Thanks,

  • 0 in reply to FormerMember

    Our base license was registered December 2014. We have Endpoint AntiVirus (2 free users) that expires in 2038.

    We don't have any other licenses. Web Support shows as disabled.

    So no, we don't have Network Protection (and never have).

    We've always been able to use the L2TP over IPsec VPN, and still can for Windows and Android devices, but it no longer works for Mac / iOS devices.

Reply
  • 0 in reply to FormerMember

    Our base license was registered December 2014. We have Endpoint AntiVirus (2 free users) that expires in 2038.

    We don't have any other licenses. Web Support shows as disabled.

    So no, we don't have Network Protection (and never have).

    We've always been able to use the L2TP over IPsec VPN, and still can for Windows and Android devices, but it no longer works for Mac / iOS devices.

Children
  • FormerMember
    0 FormerMember in reply to Brian Allen

    Hi ,

    Thank you for the update. Can you please message me your license id? 

    Thanks, 

  • 0 in reply to Brian Allen

    Hallo and welcome to the UTM Community!!

    We're coming up on our 19th year of selling/supporting the UTM.  I can't recall a time when Remote Access was offered free and not as a part of Network Protection, so, unless your reseller has the confd client expertise to modify the "L2TP over IPsec" policy, I think you're headed towards a dead end...

    You can, however, "upgrade" your UTM to XG Firewall for no charge and that does offer L2TP/IPsec in the free "Base" license.  Unfortunately, that requires configuring XG from scratch.

    Good luck!

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML