Under the direction of FieldComm Group staff, you may be granted access to an isolated testing network that can be accessed via VPN. The following will help you configure your VPN client application to connect.
You will need the TLS pre-shared key <secret>, username <username> and password <password>. These three items will be provided to you separately.
The remote VPN network is 192.168.1.0/24. This is a private but common IP network range. If your computer is connected to a network that uses the same network range, then you may not be able to connect to the remote network.
Windows L2TP VPN Client
In this section, we are using a Windows 10 machine as the L2TP client.
1. Add a new VPN connection.
Settings > Network & Internet > VPN > Add a VPN connection
VPN Provider: Windows (built-in)
Connection name: L2TP
Server name: remote.fieldcommgroup.org
VPN Type: L2TP/IPsec with pre-shared key
Pre-shared key: <secret>
Type of sign-in info: User name and password
User name: <username>
2. Navigate to the Windows 10 Network connections to change the allowed security protocols.
Settings > Network & Internet > Status > Change Adapter Options > L2TP Adapter properties
Security > Allow these protocols > Microsoft CHAP Version 2 (MS-CHAP v2)
3. Configure a split VPN (prevents all traffic from routing through the VPN tunnel).
First, you need to enable split tunneling by removing the default routing option on the VPN connection you just created.
- Right-click the Windows 10 Start button and go to Network Connections.
- Click Change adapter options and find the VPN you created above.
- Right-click your VPN connection and open Properties.
- In the Networking tab, select Internet Protocol Version 4 (TCP/IPv4).
- Click Advanced.
- In the General tab, click Advanced.
- Disable Use default gateway on remote network.
- Restart your VPN connection.
After removing the default gateway option, you may not be able to access the VPN. This is due to a missing route that must be added manually. You will need the name of the VPN connection you created above.
Open an administrative command window and enter the following command:
netsh interface ipv4 add route 192.168.1.0/24 "<name of vpn connection>"
Replace <name of vpn connection> with the name you created above. Make sure to enclose the name in quotes.
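The following PowerShell script is an added example, not part of the original FieldComm Group instructions. It first checks whether any local interface already uses an address range that overlaps the remote 192.168.1.0/24 network (the conflict described at the top of this page), and only then configures split tunneling, using Windows' built-in Set-VpnConnection and Add-VpnConnectionRoute cmdlets in place of the GUI steps and the netsh command. It assumes the connection name "L2TP" from step 1; the helper function names are made up for this example.

```powershell
# Added example. Assumes the VPN connection from step 1 is named "L2TP".
$VpnName   = 'L2TP'
$RemoteNet = '192.168.1.0/24'    # remote VPN network stated on this page

function ConvertTo-UInt32 ([string]$Ip) {
    # Dotted-quad IPv4 address -> 32-bit unsigned integer.
    $bytes = ([System.Net.IPAddress]::Parse($Ip)).GetAddressBytes()
    [Array]::Reverse($bytes)
    [BitConverter]::ToUInt32($bytes, 0)
}

function Test-SubnetOverlap ([string]$CidrA, [string]$CidrB) {
    # Two prefixes overlap when both addresses fall into the same block
    # of the shorter (less specific) prefix length.
    $ipA, $lenA = $CidrA -split '/'
    $ipB, $lenB = $CidrB -split '/'
    $len       = [Math]::Min([int]$lenA, [int]$lenB)
    $blockSize = [Math]::Pow(2, 32 - $len)
    $blockA = [Math]::Floor((ConvertTo-UInt32 $ipA) / $blockSize)
    $blockB = [Math]::Floor((ConvertTo-UInt32 $ipB) / $blockSize)
    $blockA -eq $blockB
}

# Pre-flight: list local IPv4 addresses (other than the VPN adapter itself)
# whose subnet overlaps the remote network.
$conflicts = Get-NetIPAddress -AddressFamily IPv4 | Where-Object {
    $_.InterfaceAlias -ne $VpnName -and
    (Test-SubnetOverlap "$($_.IPAddress)/$($_.PrefixLength)" $RemoteNet)
}

if ($conflicts) {
    $conflicts | Format-Table InterfaceAlias, IPAddress, PrefixLength
    Write-Warning "A local network overlaps $RemoteNet; traffic for the remote network may stay on the local interface."
}
else {
    # Split tunnel: do not use the VPN as default gateway ...
    Set-VpnConnection -Name $VpnName -SplitTunneling $true
    # ... and send only the remote test network through the tunnel.
    Add-VpnConnectionRoute -ConnectionName $VpnName -DestinationPrefix $RemoteNet
    Get-VpnConnection -Name $VpnName |
        Select-Object Name, SplitTunneling, ConnectionStatus
}
```

Reconnect the VPN after running the script so the route stored in the connection profile is applied.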
macOS L2TP VPN Client
In this section, we are using an Apple macOS computer as the L2TP client.
1. Add a VPN connection in the network settings.
System Preferences > Network > "+"
VPN Type: L2TP over IPSec
Service name: VPN (L2TP)
2. Adjust the newly created L2TP over IPsec interface.
System Preferences > Network > VPN L2TP
Server Address: remote.fieldcommgroup.org
Account Name: <username>
3. Add the authentication settings.
System Preferences > Network > VPN L2TP > Authentication Settings
User Authentication: <password>
Machine Authentication: <secret>
4. Send all traffic through the VPN connection.
System Preferences > Network > VPN L2TP > Advanced
Session Options: Send all traffic over VPN connection (checked)