Settings for Windows, iPhone, and Mac



  • Is there a common IPsec configuration that will work for Windows 7, Windows 10, Mac, and iPhone, all with the most current OS updates?  I won't have but two users with multiple devices, so a 3rd party client is not out of the question for me.  From searching, everything I've found required 3DES, which I'd rather not use, and I'm wondering if there is something I'm overlooking?

    On my previous router, I was able to get an L2TP over IPsec connection working on the above devices, but I haven't had much luck so far on the pfSense.

    Thanks!


  • Galactic Empire

    https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2

    I had to use 3DES after trying for ages to get it to work without.

    The following works with iOS, macOS & W7:

    P1

    Encryption Algorithm 3DES
    Hash Algorithm SHA1
    DH Group 2 (1024 bit)
    Lifetime 1024

    P2

    Encryption Algorithms AES & 3DES
    Hash Algorithms SHA1, SHA256, SHA384, SHA512



  • Thanks, that confirms my experience as well.  Is iOS the OS limited to 3DES?

    Will Windows 7 support AES-GCM?

    I'm almost tempted to set up two VPNs to get optimal performance on the tunnel I use most often.



  • This configuration is what I'd prefer, which works great on iOS and Mac, but I've yet to have success on Win7
    https://grokdesigns.com/pfsense-ikev2-for-ios-macos-1/


  • Galactic Empire

    I did manage to get iOS working with AES as per the link, but then Windows fails:

    https://support.apple.com/en-gb/HT206154



  • @beedix:

    This configuration is what I'd prefer which works great on iOS and mac, but I've yet to have success on Win7
    https://grokdesigns.com/pfsense-ikev2-for-ios-macos-1/

    Just saw this referenced in my traffic logs. Glad you found it useful! I haven't attempted with Windows 7, but according to Microsoft, it does support AES-GCM. Testing this is on my to-do list, but you probably have to use the PowerShell configuration to get this set up.



  • Unfortunately, the functions that you need in PowerShell aren't available under Windows 7 like they are in Windows 10.  I've downloaded literally every version of PowerShell.  If you were to find a way, I'd be very interested in seeing how this is done.

    For now, I'm rolling with 3DES, which I cringe at the idea of.  The only Windows 7 PC that is holding me back is my work laptop.  Luckily, I'm due for an upgrade, so I've asked our IT group to issue me a new PC with Windows 10. I'm pretty excited to get some new hardware, which I'm confident will allow access to the functions needed to configure the specifics.

    Much appreciated for the guide and I'll be watching if you post anything on the Windows 7 front!
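
The Windows 10 PowerShell route mentioned in the thread, as an added example that is not from any of the posters: it pins a built-in IKEv2 connection to an AES proposal with the VpnClient cmdlets and reads the policy back to confirm nothing from the 3DES/SHA1/DH group 2 set remains. The connection name, server address and the chosen algorithms are assumptions; the algorithms must match what the pfSense Phase 1 and Phase 2 entries offer.

```powershell
# Added example: names and values below are assumed, not taken from the thread.
$Name   = 'pfSense-IKEv2'        # hypothetical connection name
$Server = 'vpn.example.com'      # placeholder server address

# Proposal the Windows client will offer. Assumed values; they must match the
# Phase 1 / Phase 2 settings configured on the pfSense side.
$Policy = @{
    EncryptionMethod                 = 'AES256'     # IKE (Phase 1) cipher
    IntegrityCheckMethod             = 'SHA256'     # IKE (Phase 1) hash
    DHGroup                          = 'Group14'    # 2048-bit MODP
    CipherTransformConstants         = 'GCMAES256'  # ESP (Phase 2) cipher
    AuthenticationTransformConstants = 'GCMAES256'  # ESP (Phase 2) integrity
    PfsGroup                         = 'PFS2048'    # PFS for Phase 2 rekeys
}

# Create the IKEv2 connection only if it does not exist yet
if (-not (Get-VpnConnection -Name $Name -ErrorAction SilentlyContinue)) {
    Add-VpnConnection -Name $Name -ServerAddress $Server -TunnelType Ikev2 `
        -AuthenticationMethod Eap -EncryptionLevel Required
}

# Replace the default proposal list with the single custom policy above
Set-VpnConnectionIPsecConfiguration -ConnectionName $Name @Policy -Force

# Read the policy back and flag mismatches or anything from the weak set
$applied = (Get-VpnConnection -Name $Name).IPSecCustomPolicy
$weak = @('DES','DES3','MD5','MD596','SHA1','SHA196',
          'Group1','Group2','PFS1','PFS2')
$bad = foreach ($key in $Policy.Keys) {
    $value = [string]$applied.$key
    if ($value -ne $Policy[$key] -or $weak -contains $value) { "$key=$value" }
}

if ($bad) {
    Write-Warning "Unexpected IPsec settings: $($bad -join ', ')"
} else {
    "Custom IKEv2 policy applied to '$Name': no 3DES, SHA1 or DH group 2."
}
```

Once a custom policy is set, the client offers only that proposal, so a mismatch with the server shows up as a failed negotiation rather than a silent fallback to 3DES.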