l2tp+IPsec client on FreeBSD, VPN gateway on Windows
Victor Sudakov
vas at sibptus.ru
Sun Mar 1 09:31:17 UTC 2020
Sam Fourman wrote:
> I am also interested to see a working configuration, I need to connect a
> FreeBSD client to a Windows Server via L2TP+IPSEC pre-shared key.
I can't say for sure about the L2TP server, but the following config
works in my lab between a Windows 2016 server and FreeBSD/Strongswan:
conn Win2016
keyexchange = ikev1
ike=3des-sha1-modp2048!
esp=3des-sha1!
left=192.168.246.1
right=192.168.246.14
type=transport
authby=psk
auto=route
In Windows policies, configure:
3DES+SHA1 (both for IKE and ESP), DH Group (for IKE) = high, PFS = off (keep unchecked).
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49 at fidonet http://vas.tomsk.ru/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20200301/e11c1551/attachment.sig>
More information about the freebsd-questions
mailing list