• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Cannot connect to company VPN

Jump to latest Follow Reply
Sort by date Sort by votes
#5
I only have two S7's and neither will connect. I have a colleage that has an iPhone and she can connect without issue.

This is the responce from Meraki support
"Hello
Thank you contacting Cisco Meraki Technical Support.
I understand you are facing an issue with respect to client vpn.
AES128 and DH group to 14 was configured. However, it be a scenario where the change it may have a negative impact on the ability for different devices to connect to the client VPN if they are not compatible with that DH group. If any devices they try to connect to the client VPN do not support DH group 14, they will be unable to connect. we cas
Please let me know if you have any questions"
 
  • Like
Reactions: Dannydet
Upvote 0
#6
OK, so after re-reading that Meraki support response I got the sense that a) I'm guessing it really wasn't an answer to your original query at all and b) there's a 'English is not they're primary language' issue but even that aside just going by intent it was more about using verbage as a misdirection.
That said, instead of DH 14, any chance you can bump that up to DH 19 or more and see how that works out? DH 14 being the original 'modulus' Diffie-Hellman as opposed to newer 'elliptic-curve' Diffie-Hellman, at this time ECDH is more prevalent than the original DH.

https://community.cisco.com/t5/security-documents/diffie-hellman-groups/ta-p/3147010

https://arstechnica.com/information...rstand-primer-on-elliptic-curve-cryptography/
 
  • Like
Reactions: Jeremy Robertson
Upvote 0
#9
Jeremy Robertson said:
That is a great read, really helps. I thought since it worked with DH 5 that the device must not support DH 14 but if I understand correctly I can raise the DH group to maybe 19 and it should work?
Click to expand...

Well, I'm just assuming it will work given how dated DH 14 is at this point. Note that primer article is from 2013, which predates the release of those 'problematic' Galaxy S7 phones (early 2016). So my assumption is based on supposition for the most part.
Another clue to this puzzle is I rely on Signal Private Messenger as my texting messaging app, which also uses ECDH -- which I recall was working fine on an even more dated Galaxy S3 back in its day (released in 2012).
https://en.wikipedia.org/wiki/Signal_Protocol
 
Upvote 0
You must log in or register to reply here.

BEST TECH IN 2023

We've been tracking upcoming products and ranking the best tech since 2007. Thanks for trusting our opinion: we get rewarded through affiliate links that earn us a commission and we invite you to learn more about us.

Smartphones

Best Android Phones

See All
  1. Google Pixel 8 Pro Check Price
  2. Samsung Galaxy S23 Ultra Check Price
  3. Samsung Galaxy Z Fold5 Check Price
  4. Google Pixel 8 Check Price
  5. Samsung Galaxy S23 Check Price

Upcoming

See All
  1. Samsung Galaxy S24 Early Access

Best iPhones

See All
  1. Apple iPhone 15 Pro Max Check Price
  2. Apple iPhone 15 Pro Check Price
  3. Apple iPhone 15 Plus Check Price
  4. Apple iPhone 15 Check Price
  5. Apple iPhone SE (2022) Check Price

Upcoming

See All
  1. Apple iPhone 16 Early Access

Tablets

Best Tablets

See All
  1. Samsung Galaxy Tab S9 Ultra Check Price
  2. Apple iPad Pro (2022) Check Price
  3. Apple iPad Air (2022) Check Price
  4. Apple iPad Mini (2021) Check Price
  5. Microsoft Surface Pro 9 Check Price

Upcoming

See All
  1. Apple iPad Air 6 Early Access
  2. Apple iPad Fold Early Access

Laptops

Best Laptops

See All
  1. Apple Macbook Pro Check Price
  2. Apple Macbook Air (2023) Check Price
  3. Dell XPS 13 Check Price
  4. Acer Chromebook Spin 714 Check Price
  5. Dell Alienware m18 (2022) Check Price

Upcoming

See All
  1. Microsoft Surface Laptop 6 Early Access
  2. Microsoft Surface Pro 10 Early Access

Televisions

Best TVs

See All
  1. Samsung The Frame TV Check Price
  2. Samsung Neo QLED 4K QN90C Check Price
  3. LG G3 OLED Check Price
  4. LG A2 OLED Check Price
  5. ROKU Plus Series Check Price
  6. Samsung S90C OLED Check Price
  7. SunBriteTV Veranda 3 Check Price

Upcoming

See All
  1. Hisense 110UX ULED X TV Early Access

Game Consoles

Best Game Consoles

See All
  1. Nintendo Switch OLED Check Price
  2. Microsoft XBOX Series X Check Price
  3. Sony Playstation 5 Check Price
  4. Microsoft XBOX Series S Check Price
  5. Nintendo Switch Lite Check Price

Upcoming

See All
  1. Nintendo Switch 2 Early Access

Wearables

Best Wearables

See All
  1. Oura Ring 3 Check Price
  2. Apple Watch Series 9 Check Price
  3. Google Pixel Watch 2 Check Price
  4. Samsung Galaxy Watch 6 Classic Check Price
  5. Fitbit Inspire 3 Check Price
  6. Amazfit Amazfit Band 7 Check Price
  7. Apple Watch SE Check Price
  8. Apple Watch Ultra 2 Check Price

Upcoming

See All
  1. Samsung Galaxy Watch 7 Early Access

Smart Home

Smart Home Tech

See All
  1. Amazon Echo (4th Gen) Check Price
  2. Schlage Encode Smart Lock Check Price
  3. Amazon Blink Smart Cameras Check Price
  4. Google Nest Thermostat Check Price
  5. Phillips Hue Smart Lights Check Price

Upcoming

See All
  1. Apple Homepod Vision Early Access

Similar threads

T
Help VPN IKEv2 connection problems on Android, IKE_SA failed
Replies
2
Views
2K
Android Lounge
thecriser
T
garhof
Slow ethernet reconnect times on samsung active 4 pro tablets.
Replies
6
Views
2K
Smartphones
garhof
garhof
Upvote 0
Samsung
  • Suggestion
[Interview] Safe and Easy Data Transfer: Behind the Scenes With Samsung and KakaoTalk
Replies
0
Views
51
Breaking News
Samsung
Samsung
Upvote 0
Samsung
  • Suggestion
[Editorial] The Advent of the Bespoke AI Era
Replies
0
Views
65
Breaking News
Samsung
Samsung
Upvote 0
Samsung
  • Suggestion
[Editorial] Welcome to the Era of Mobile AI
Replies
0
Views
129
Breaking News
Samsung
Samsung
Top Bottom
Back
Jump to latest Follow Reply
Jump to latest Follow Reply