Only Windows won't connect to IPSEC Tunnel

  • Hi there!

    I have an IPsec tunnel configured on my pfSense router and I'm currently using it just fine on macOS and iOS. I recently tried adding the VPN to a Windows machine for AD domain purposes and it just won't connect.

    My pfSense IPsec config:

    config setup
        uniqueids = yes

    conn bypasslan
        leftsubnet =
        rightsubnet =
        authby = never
        type = passthrough
        auto = route

    conn con-mobile
        fragmentation = yes
        keyexchange = ikev1
        reauth = yes
        forceencaps = yes
        mobike = no
        rekey = yes
        installpolicy = yes
        type = tunnel
        dpdaction = clear
        dpddelay = 90s
        dpdtimeout = 540s
        auto = add
        left =
        right = %any
        leftid =
        ikelifetime = 28800s
        lifetime = 3600s
        rightsourceip =
        rightdns =
        ike = aes256-sha1-modp1024!
        esp = aes256-sha1,aes192-sha1,aes128-sha1!
        leftauth = psk
        rightauth = psk
        rightauth2 = xauth-generic
        aggressive = yes
        leftsubnet =

    Authentication is done via RADIUS on a Windows Server.

    macOS and iOS both connect just fine. When I add the VPN to Windows 10 via the Settings app with the right type ("L2TP/IPSec with pre-shared key") and pre-shared key, I get the following error:
    The L2TP connection attempt failed because the security layer could not negotiate compatible parameters with the remote computer.

    Not sure what's causing this, because everything seems correct. Any ideas?

  • To my knowledge, Windows 10 does not support IKEv1 anymore; at least it is not listed in the article below, and you have no GUI setting besides "automatic" which could match.
    You should use IKEv2 or use some third-party client SW on Windows.
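
Added example, not part of the thread and not pfSense or strongSwan code: a small Python parser for the ipsec.conf layout posted in the question. It lists the phase 1 parameters a client has to match for `con-mobile` and flags two security-relevant settings. The function names are hypothetical and the sample holds only the settings visible in the post.

```python
import re

# Constructed sample: settings copied from the post's con-mobile conn; elided values omitted.
SAMPLE = """\
conn con-mobile
keyexchange = ikev1
aggressive = yes
ike = aes256-sha1-modp1024!
esp = aes256-sha1,aes192-sha1,aes128-sha1!
rightauth = psk
rightauth2 = xauth-generic
"""

def parse_ipsec_conf(text):
    """Return {"conn name": {key: value}}; works with or without indentation."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and indentation
        if not line:
            continue
        header = re.fullmatch(r"(config|conn|ca)\s+(\S+)", line)
        if header:
            current = sections.setdefault(f"{header[1]} {header[2]}", {})
        elif "=" in line and current is not None:
            key, value = (part.strip() for part in line.split("=", 1))
            current[key] = value
    return sections

def client_requirements(conn):
    """What a peer has to offer for this conn to finish phase 1."""
    ike = conn.get("ike", "")
    return {
        "ike_version": conn.get("keyexchange", "ike"),
        "phase1_mode": "aggressive" if conn.get("aggressive") == "yes" else "main",
        "auth_rounds": [conn[k] for k in ("rightauth", "rightauth2") if k in conn],
        "ike_proposals": ike.rstrip("!").split(",") if ike else [],
        "strict_proposals": ike.endswith("!"),   # "!" = accept only what is listed
    }

def review_notes(req):
    """Security-relevant observations about the phase 1 parameters."""
    notes = []
    if req["phase1_mode"] == "aggressive" and "psk" in req["auth_rounds"]:
        notes.append("aggressive mode + PSK exposes a PSK-derived hash to offline guessing")
    if any(p.endswith("modp1024") for p in req["ike_proposals"]):
        notes.append("modp1024 (DH group 2) is a 1024-bit group, below current guidance")
    return notes

REQ = client_requirements(parse_ipsec_conf(SAMPLE)["conn con-mobile"])
```

`REQ` can be compared line by line with the client's connection type when a negotiation error like the one quoted in the question appears.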