Hello, yes indeed, you are right. I noticed, unfortunately the regression introduced by microsoft is not fixable from strongswan's point of view.
Marco From: Rajiv Kulkarni <rajivkulkarn...@gmail.com> Sent: Monday, January 17, 2022 1:10 PM To: Marco Berizzi <pupi...@hotmail.com> Cc: users@lists.strongswan.org <users@lists.strongswan.org> Subject: Re: [strongSwan] disable sending vendor id Hi Actually, by default Strongswan is configured with NOT sending Vendor_id....but you can make it explicit by enabling/uncommenting the setting in "../Strongswan.d/charon.conf" file as below: # Send strongSwan vendor ID payload send_vendor_id = no hope this helps thanks & regards Rajiv On Fri, Jan 14, 2022 at 3:10 PM Marco Berizzi <pupi...@hotmail.com> wrote: Hello everyone, kindly, I would like to know if there is a way to make strongswan not send the 'vendor id'. Unfortunately the windows 10 update kb5009543 introduced this regression: "After installing this update, IP Security (IPSEC) connections that contain a Vendor ID might fail. VPN connections using Layer 2 Tunneling Protocol (L2TP) or IP security Internet Key Exchange (IPSEC IKE) might also be affected. To mitigate the issue for some VPNs, you can disable Vendor ID within the server-side settings. Note Not all VPN servers have the option to disable Vendor ID from being used. We are presently investigating and will provide an update in an upcoming release." Thanks in advance Marco
