cancel
Showing results for 
Search instead for 
Did you mean: 

Client VPN Wish List

Here to help

Client VPN Wish List

- Multi factor / one-time password authentication capability.

- Stronger everything security-wise: AES encryption, anything better than SHA1 IKEv2, etc...AND configurable with however I would like based on my needs, not stuck with just one way of doing it ike we currently have.

 

These really have to be huge requests I imagine, especially for compliance needs.

I really do hope this is already on the Meraki roadmap for their MX firmware.

3 REPLIES 3
Kind of a big deal

Re: Client VPN Wish List

Multi-factor/OTP is available using a RADIUS server from an Multifactor/OTP vendor.

 

AES is already being used.  Unfortunately I think SHA1 is still used.

 

IKEv2 would be excellent to get.

 

I would like to be able to configure policies per VPN user, so different VPN users have different access permissions.

Here to help

Re: Client VPN Wish List

having MFA/OTP built in would be nice still. I come from a SonicWALL background and this feature was built into the appliances.

 

Strange regarding AES, as I spoke to Meraki support not long aog this week, and they state the following is used for client VPN:

 

L2TP

IKEv1

PAP authentication

3DES encryption

SHA1 hashing

Aggressive Mode

 

Definitely could be better and why it isn't in this day in age, who knows.

 

Highlighted
Getting noticed

Re: Client VPN Wish List

I would also like to be able to assign static IP's per VPN users. 

 

The group policies are currently assigning per IP and if the user doesn't use the VPN for about a month, the IP gets assigned to someone else and they then have the wrong access.

 

Though I supposed @PhilipDAth suggestion of access per user account would solve that problem too.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.