search

richardhicks / aovpn

PowerShell scripts and sample ProfileXML files for configuring Windows 10 Always On VPN
MIT License
158 stars 83 forks source link

CryptographySuite setting is not applied to the user tunnel #10

Closed jonatanhovgaard closed 3 years ago

jonatanhovgaard commented 3 years ago

When using "Automatic" the IKEv2 configuration is not applied to the "user tunnel". If NativeProtolType is set to IKEv2 the crypto settings will be applied succesfully. I have seen this in several installations. As your ProfileXML configuration works with both a "device tunnel" configuration and a "user tunnel" configured with IKEv2, I suspect this to be a Microsoft issue, but I just thought you should know.

richardhicks commented 3 years ago

Indeed, this is a known issue with Microsoft. For some reason, Windows ignores the cryptography settings when the NativeProtocolType is set to Automatic. :/

More details here: https://directaccess.richardhicks.com/2019/01/07/always-on-vpn-ikev2-connection-failure-error-code-800/

Thanks!

jonatanhovgaard commented 3 years ago

Thanks a lot for your reply and thanks for all the relevant info on AOVPN you provide to all of us via your website and github account. 😊

From: Richard M. Hicks notifications@github.com Sent: 26. januar 2021 00:16 To: richardhicks/aovpn aovpn@noreply.github.com Cc: Jonatan Kragh Hovgaard joa@netip.dk; Author author@noreply.github.com Subject: Re: [richardhicks/aovpn] CryptographySuite setting is not applied to the user tunnel (#10)

Indeed, this is a known issue with Microsoft. For some reason, Windows ignores the cryptography settings when the NativeProtocolType is set to Automatic. :/

More details here: https://directaccess.richardhicks.com/2019/01/07/always-on-vpn-ikev2-connection-failure-error-code-800/https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdirectaccess.richardhicks.com%2F2019%2F01%2F07%2Falways-on-vpn-ikev2-connection-failure-error-code-800%2F&data=04%7C01%7Cjoa%40netip.dk%7Cde9a44d3f1a746f30c8008d8c18744b6%7C13fa3b2cf73743488820f7a4c8b41cde%7C0%7C0%7C637472134010118889%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=QnReatAxkpsJzN4PM67ljeK%2FKsu%2Fz93jKw%2FnCxlfRFk%3D&reserved=0

Thanks!

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frichardhicks%2Faovpn%2Fissues%2F10%23issuecomment-767174085&data=04%7C01%7Cjoa%40netip.dk%7Cde9a44d3f1a746f30c8008d8c18744b6%7C13fa3b2cf73743488820f7a4c8b41cde%7C0%7C0%7C637472134010128883%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=iFe5jXz76UED2H21EKFWp3xiDs4SY7fW%2FeeT9gdiN8Q%3D&reserved=0, or unsubscribehttps://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FANLPTBXS6HZV47Q6HRREQ3DS3X3TVANCNFSM4WSNOE6A&data=04%7C01%7Cjoa%40netip.dk%7Cde9a44d3f1a746f30c8008d8c18744b6%7C13fa3b2cf73743488820f7a4c8b41cde%7C0%7C0%7C637472134010128883%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=yLb1XQApd6bTXWuvhOmg6QQjA%2BfXpzvMhrMEWFCKuDU%3D&reserved=0.

richardhicks commented 3 years ago

My pleasure! :)