Only Windows won't connect to IPSEC Tunnel
I have an IPSEC Tunnel configured on my pfsense router and I'm currently using it just fine on MacOS and iOS. I recently tried adding the vpn to a Windows machine for ad domain purposes and it just won't connect.
My pfsense IPSEC config:
config setup uniqueids = yes conn bypasslan leftsubnet = 10.20.1.0/24 rightsubnet = 10.20.1.0/24 authby = never type = passthrough auto = route conn con-mobile fragmentation = yes keyexchange = ikev1 reauth = yes forceencaps = yes mobike = no rekey = yes installpolicy = yes type = tunnel dpdaction = clear dpddelay = 90s dpdtimeout = 540s auto = add left = 192.168.0.2 right = %any leftid = 192.168.0.2 ikelifetime = 28800s lifetime = 3600s rightsourceip = 10.20.3.0/24 rightdns = 10.20.0.1 ike = aes256-sha1-modp1024! esp = aes256-sha1,aes192-sha1,aes128-sha1! leftauth = psk rightauth = psk rightauth2 = xauth-generic aggressive = yes leftsubnet = 0.0.0.0/0
Authentication is done via RADIUS on a Windows Server.
MacOS and iOS both connect just fine. When I add the VPN to Windows 10 via the settings app with the right Type ("L2TP/IPSec with pre-shared key") and pre-shared key. I get the following error:
The L2TP connection attempt failed because the security layer could not negotiate compatible parameters with the remote computer.
Not sure what's causing this cause everything seems correct. Any ideas?
To my knowledge Windows 10 does not support IKEv1 anymore at least it not listed in the artikel below and you have no GUI setting beside "automatic" which could match.
You should use IKEv2 or use some Third-Party Client SW on Windows.