L2tp/ipsec windows 10/7 native clients
-
After hours and hours of trying different configurations listed in the internet. Is there any setup that will work with Windows native vpn client. I have a client that has some older users that cannot figure out how to use openvpn and it is not worth putting a appliance at their location to have it auto connect. thanks
-
For a native VPN on Windows clients, use IKEv2 not L2TP/IPsec.
-
What's the most current/accurate (canonical) guide for setting up IKEv2 VPN for road warriors on 2.3.x?
-
The ones on the wiki. It depends on what style you need/want.
https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2
https://doc.pfsense.org/index.php/IKEv2_with_EAP-RADIUS
https://doc.pfsense.org/index.php/IKEv2_with_EAP-TLSThough depending on the Windows version you might need other client-side adjustments, for example on Windows 10 Anniv. Update you might have to change the setting to send all traffic over the tunnel.
-
Right, I am well aware of those links. The reason I asked is because last time I tried, I ran into various quirks depending on OS (iPhone, Mac, Win10 client) so I was hoping there was an up-to-date guide that included these extra steps to make it all hum withiut scouring forums. Admittedly the last time I tried was a few months ago so not sure if much has changed…
-
Your original question stated L2TP/IPsec, not IKEv2, so there was no disclosure that you'd known about or tried those. They are the most current public documents but it is possible that operating system updates have rendered parts of them inaccurate.
The same settings are unlikely to work on Windows and OS X/iOS out of the box, but that's easily solved by getting Windows to work and then using Apple's VPN profile tools to make a profile you can import into OS X / iOS which will work with the same settings as Windows. None of those are pfSense problems though, they're client configuration problems.
-
OP wasn't mine it was ptclabs, but thanks for the info. I will give it a try again on a fresh config.