4. Pre-shared Keys, IPSec and Windows

Pre-shared Keys, IPSec and Windows

  • W

    I've just crossed the last hurtle in a three day effort to set up pfSense, IPSec, and Windows 10 native IPSec.

    The last issue I ran into was that I kept getting a Windows Security dialog saying my user name or password is incorrect.

    The issue was that I used the pfSense user dialog to set up a "IPsec Pre-Shared Key". This apparently creates key type of PSK (at least according to IPSec/Pre-Shared Keys. According to https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/configuring-an-ipsec-remote-access-mobile-vpn-using-ikev2-with-eap-mschapv2.html, I need to set up a Secret Type of EAP.

    In the end, I had to set up a separate EAP pre-shared key with the users email address and password. This is going to be interesting to maintain logistically.

    Questions:
    Is there a requirement that EAP use "either an IP address, fully qualified domain name or an e-mail address"?
    Why is it a requirement that we use EAP vs PSK keys. Is this due to using EAP-MSChapv2?
    Can the User dialog be changed to create either a EAP or PSK key?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy