StrongSwan: Difference between revisions

(3 intermediate revisions by the same user not shown)

Line 285:

== Configuring strong encryption/ECDSA for the VPN connection ==

Windows PowerShell is used to change the encryption settings for the VPN connection.

Windows PowerShell is used to change the encryption settings for the VPN connection. This only works on Windows 10 machines as these support the newer ciphers whereas Windows <10 does not support them so well.

* In the Start menu, type "powershell". [[File:Administrator_Shield.png]] Click "Windows PowerShell" when it appears. It may take a few moments for the prompt to be appear and become ready to use.

Line 316:

'''NOTE: This doesn't seem to have any effect on Windows 10 if your are manually configuring the connection with PowerShell.'''

There is a Windows registry key that may need to be enabled to allow the use of stronger encryption settings. It is not clear at this stage if these settings are required, but the instructions are left here in case they are needed.

There is a Windows registry key that may need to be enabled to allow the use of stronger encryption settings. It is not clear at this stage if these settings are required, but the instructions are left here in case they are needed. These settings are, however, needed for Windows 7 clients which falls back to weak encryption if this is not configured and is probably needed since StrongSwan doesn't support the weak ciphers proposed by Windows 7 any more.

* Press {{key press|Win~~}}+{{key press~~|R}} to open the Run box.

* Press {{key press|Win|R}} to open the Run box.

* [[File:Administrator_Shield.png]] Type <code>regedit</code> and click OK.

* Navigate to the following registry path:

@@ Line 285: / Line 285: @@
 == Configuring strong encryption/ECDSA for the VPN connection ==
-Windows PowerShell is used to change the encryption settings for the VPN connection.
+Windows PowerShell is used to change the encryption settings for the VPN connection. This only works on Windows 10 machines as these support the newer ciphers whereas Windows <10 does not support them so well.
 * In the Start menu, type "powershell". [[File:Administrator_Shield.png]] Click "Windows PowerShell" when it appears. It may take a few moments for the prompt to be appear and become ready to use.
@@ Line 316: / Line 316: @@
 '''NOTE: This doesn't seem to have any effect on Windows 10 if your are manually configuring the connection with PowerShell.'''
-There is a Windows registry key that may need to be enabled to allow the use of stronger encryption settings. It is not clear at this stage if these settings are required, but the instructions are left here in case they are needed.
+There is a Windows registry key that may need to be enabled to allow the use of stronger encryption settings. It is not clear at this stage if these settings are required, but the instructions are left here in case they are needed. These settings are, however, needed for Windows 7 clients which falls back to weak encryption if this is not configured and is probably needed since StrongSwan doesn't support the weak ciphers proposed by Windows 7 any more.
-* Press {{key press|Win}}+{{key press|R}} to open the Run box.
+* Press {{key press|Win|R}} to open the Run box.
 * [[File:Administrator_Shield.png]] Type <code>regedit</code> and click OK.
 * Navigate to the following registry path: