O
Os-76
I am trying to setup a VPN connection with windows built-in VPN, but I don't think my IPsec sharing settings will work with the built in VPN, so I thought I might get a second opinion (would ask my senior tech supervisor, but he is away for a week). Usually I would install a separate client but the suggested client is a bit dodgy and security is important in my situation, so I'm opting for the built in VPN. These are my settings:
Auth. Method = L2TP/IPsec (pre-shared key)
IKE = Ver. 1
Phase 1
IKE Proposal = AES128 & SHA1, AES256 & SHA256
DH Group = 15
Key Life = 86400sec (1440min)
No Local ID
Phase 2
IKE Proposal = AES128 & SHA1, AES256 & SHA1
DH Group = 5
Key Life = 43200 (720min)
Relay Detection = enabled
PFS = enabled
I know how to manage key life within Windows Defender Firewall but not for phase 1/2 specifically. Key Life is less important for the connection, and it seems that my only issue lies within Diffie-Hellman, as I cannot find how to set DH group for Phase 1/2 specifically, and WDFwAS has no option for DH Group 15 (I would still appreciate any extra help with enabling PFS and Relay Detection).
If I left something out, or put this in the wrong category/topic, please let me know.
Continue reading...
Auth. Method = L2TP/IPsec (pre-shared key)
IKE = Ver. 1
Phase 1
IKE Proposal = AES128 & SHA1, AES256 & SHA256
DH Group = 15
Key Life = 86400sec (1440min)
No Local ID
Phase 2
IKE Proposal = AES128 & SHA1, AES256 & SHA1
DH Group = 5
Key Life = 43200 (720min)
Relay Detection = enabled
PFS = enabled
I know how to manage key life within Windows Defender Firewall but not for phase 1/2 specifically. Key Life is less important for the connection, and it seems that my only issue lies within Diffie-Hellman, as I cannot find how to set DH group for Phase 1/2 specifically, and WDFwAS has no option for DH Group 15 (I would still appreciate any extra help with enabling PFS and Relay Detection).
If I left something out, or put this in the wrong category/topic, please let me know.
Continue reading...