[Swan] Windows 7/10 ipsec issues
John Crisp
jcrisp at safeandsoundit.co.uk
Thu Jan 30 16:23:19 UTC 2020
On Thu, 17 Oct 2019 23:37:50 +0200
John Crisp <jcrisp at safeandsoundit.co.uk> wrote:
> I am trying to help some friends get off Windows PPTP (!!!!) and first
> stage was to L2TP/Ipsec.
>
Well, an extremely long shaggy dog story later.
Windows. Every time I use it (which is rare) it just serves to remind
me why I dumped it.
I found a note here:
https://github.com/StreisandEffect/streisand/issues/291
And then this:
https://documentation.meraki.com/MX/Client_VPN/Troubleshooting_Client_VPN#Common_Connection_Issues
"Modern Windows devices do not support L2TP/IPsec connections when the
Windows computer or VPN server are located behind a NAT."
What? Modern? Hey Ho. Seems Linux and Android etc are happy to do so.
Add this key and reboot:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
RegValue: AssumeUDPEncapsulationContextOnSendRule
Type: DWORD
Value data: 2
Base: Decimal
Instant karma.....
Remember that only one device at a time can connect from a NAT'd Lan.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20200130/20c76188/attachment.sig>
More information about the Swan
mailing list