Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1387
Views
0
Helpful
1
Replies

ASA & Windows 10 l2tp - IKE support?

seanwaite
Level 1
Level 1

‎07-05-2017 10:09 AM

For years I have used IKEv1 3DES/Sha1 with builtin l2tp Windows client. Today I tried to change this, and was able to use AES256 for phase 2, but have not found successful configuration for phase 1.

So I am wondering, for phase 1 is there a way for Windows 10 to use higher than 3DES/Sha1?

Labels:
0 Helpful
1 Reply 1

Philip D'Ath
VIP Alumni
VIP Alumni

‎07-08-2017 03:24 PM

First let me commend you on moving away from 3DES.  Everybody should be doing this.

I believe 3DES is the default for the Windows L2TP over IPSec client.  You will have to edit the settings on the Windows 10 machine to use any "modern" ciper.

https://support.microsoft.com/en-us/help/325158/default-encryption-settings-for-the-microsoft-l2tp-ipsec-virtual-priva

You have not mentioned what kind of device you are terminating the VPN on - but you could also consider making the jump directly to IKEv2 and dumping L2TP over IPSec all together.

0 Helpful
Customers Also Viewed These Support Documents