In an existing installation, that was originally set up with LCOS 10.50 or earlier, even after an update to a current LCOS version the remote site DEFAULT (initially used for VPN dial-in connections, as long as it hasn't been authenticated) is assigned the Diffie-Hellman group DH14 at the most.
When an Advanced VPN Client connection is set up on such a router via LANconfig 10.80 Rel, the Diffie-Hellman group DH15 is stored in the profile file. Thus, the VPN connection cannot be established.
You can find information regarding troubleshooting of this issue in the following Knowledge Base article:
In LCOS FX 10.11 Rel the service for Content and Anti spam filtering is not started automatically in an HA cluster scenario. After a change to the Slave firewall in the HA cluster, websites cannot be invoked anymore and instead the block site of the URL/Content filter is displayed.
This behavior is fixed in LCOS FX 10.11 RU1. Therefore LANCOM Systems urgently recommends performing an update to this version.
In LANconfig, updating the switch firmware and automatically checking for new firmware versions is not possible.
LANCOM Systems therefore recommends to perform a firmware update via the web interface of the switch or via LMC. In the LMC, the mechanism for automatic firmware updates can also be carried out.