MS Windows - IPsec over L2TP dialer compatibility



  • Hello everyone,

    We are a company based in Canada using PFsense as it is such a great piece of software ! In a perspective of modernizing our VPN solution for all our users (we use all 5 platforms) and still keep things very simple for everyone, we are looking at an integration of Pfsense with the MS Windows dialer.

    Pfsense in its latest version is not compatible with Microsoft product due to a dumb down implantation on the Microsoft side. To be more precise, Microsoft, in its IPsec handshake use the IP of the user as its own IDENTIFIER. This is known to be a security issue in the IPsec world.

    After speaking with the guy at Pfsense commercial support, they offered to implant, as securely as possible, the feature for a pool of 24-32 hours at the standard rate (available on the portal).

    We are looking forward at this feature for us and the general open source community and we would like to find another partner to share the benefit of such patch to the code.  Each partner much share equal part for a mutual acceptance and I guess that everything can be concluded directly by buying hours in the portal.

    Feel free to contact me via the forum for any question regarding this post.

    Thanks



  • We are still looking for a partner to sponsor this feature with us.

    Anyone ?

    Thanks



  • I'd donate some bucks from my personal purse ($50?) if l2tp ipsec gets implemented (and is compatible with Win7/8, OSX, iOS and Android). I'm currently using a Zywall which does l2tp/ipsec and is compatible with all those platforms - i'd like to replace that Zyxel hardware.

    Please send me a PM if that's still an option.


Log in to reply