Hi, On Mon, 2 Dec 2013 19:34:57 +0200 (IST) Or Elimelech <[email protected]> wrote: > I'm having trouble configuring Windows clients with l2tp over ipsec, > This config works great on OSX/iOS/Android/Linux > > I do not know which type of auth/enc/group I should use for Windows clients > > I currently use OpenBSD 5.4 with the following > > ike passive esp transport \ > proto udp from 1.2.3.4 to any port 1701 \ > main auth hmac-sha1 enc aes group modp1024 \ > quick auth hmac-sha1 enc aes group modp1024 \ > psk "secret"
As far as my test with Windows 7, changing the main mode config to main auth hmac-sha1 enc aes group modp2048 or main auth hmac-sha1 enc 3des group modp1024 will fix the problem. --yasuoka
