Sam Fourman wrote: > I am also interested to see a working configuration, I need to connect a > FreeBSD client to a Windows Server via L2TP+IPSEC pre-shared key.
I can't say for sure about the L2TP server, but the following config
works in my lab between a Windows 2016 server and FreeBSD/Strongswan:
conn Win2016
keyexchange = ikev1
ike=3des-sha1-modp2048!
esp=3des-sha1!
left=192.168.246.1
right=192.168.246.14
type=transport
authby=psk
auto=route
In Windows policies, configure:
3DES+SHA1 (both for IKE and ESP), DH Group (for IKE) = high, PFS = off (keep
unchecked).
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49@fidonet http://vas.tomsk.ru/
signature.asc
Description: PGP signature
