Can Windows 2012 R2 act as an VPN client using IKEv1?

Question

I am trying to find out if 2012 R2 can connect to a VPN with the following data:

Phase 1 Proposal: pre-g20-aes256-sha2-256 (86400)
Phase 2 Proposal: esp-g20-aes256-sha2-256 (4800)
IKEv1
PFS enabled
pre-shared keys

Is that possible? For example, I don't find IKEv1 as an option, only IKEv2, PPTP, L2TP/IPSec, and SSTP.

score 0 · Answer 1 · answered Sep 26 '17 at 01:28

0

No, you can only use IKEv2 or L2TP/IPSEC. Here is a guide on how to setup L2TP/IPSEC.

https://www.magnumvpn.com/setup-vpn-windows-10-l2tp-ipsec.html

You might also need to open your windows firewall for it to work.

https://www.magnumvpn.com/setup-windows-10-firewall-l2tp.html

answered Sep 26 '17 at 01:28

privacychair

17
2

Do you have any Microsoft reference or such to support your statement that IKEv1 is not supported? – Evgeniy Berezovsky Sep 27 '17 at 05:15

score 0 · Answer 2 · answered Sep 29 '17 at 04:14

0

This is not an answer, but as a workaround, you can install VyOS on a virtual machine.

Either on that Windows machine in question itself, or somewhere else. I just did that, and VyOS works like a charm as my VPN router with the above parameters, and many more details like NATting etc that are easy to configure in VyOS. (But VPN site-to-site itself is not easy at all)

answered Sep 29 '17 at 04:14

Evgeniy Berezovsky

861
1
8
27

Yes but not in RRAS. It needs to be done using Windows Firewall – Benjamin Hastings Feb 11 '23 at 04:09

Can Windows 2012 R2 act as an VPN client using IKEv1?

2 Answers2