IPsec VPN from Windows to Vigor Router using Aggressive mode

IPsec VPN in Aggressive mode can establish between Windows and Vigor Router with peer IDs and pre-shared key by using Shrew VPN Client. This article demonstrates how to create an IPsec tunnel between Vigor Router and Windows.

Router Setup

1. Go to VPN and Remote Access >> Remote Dial-in User.

1. Enable this account.
2. Allow IPsec tunnel as dial-in type.
3. Enable Specify Remote Node.
4. Enter Peer ID.
5. Click IKE Pre-Shared Key.
   1. Enter Pre-Shared Key.
   2. Click OK.
6. Click OK to save.

   

Windows Client Setup

1. Download Shrew Soft VPN Client

2. Open VPN Access Manager.

1. Click Add.
2. In general setup,
   1. Enter router domain or WAN IP as VPN Hostname or Server IP.
   2. Disable Auto Configuration.
   3. Select Using an existing adapter and current address.
3. In Name Resolution setup, disable all checkbox.
4. In Authentication setup,
   1. Select “Mutual PSK”.
   2. Set identification to “Fully Qualified Domain Name” for local identity.
   3. Enter FQDN String as peer ID.
5. In Phase1 setup, select aggressive mode.
6. Click Save.
7. Click the saved VPN Client and connect button to create IPSec tunnel.

Finally, VPN Connect will show the message.

Then ping remote network to trigger the VPN tunnel.

And Vigor Router shows VPN status on VPN and Remote Access >> Connection Management page.