StrongSwan: Difference between revisions
m →Making the VPN profile: Small changes/tidying up |
m →Configuring strong encryption/ECDSA for the VPN connection: Small changes/tided up. Added note. Corrected for Windows 1809 by removing confirmation. |
||
| Line 265: | Line 265: | ||
* Press the {{key press|Enter}} key. | * Press the {{key press|Enter}} key. | ||
* Type Y to confirm the settings and press the {{key press|Enter}} key. | * Type Y to confirm the settings and press the {{key press|Enter}} key. | ||
* The connection should now be ready to use! | * The connection should now be ready to use! | ||
Note: <code>GCMAES256</code> is used under <code>AuthenicationTransformConstants</code>, <code>CipherTransformsConstants</code> and <code>EncryptionMethod</code>, even though strongSwan only supports ESP over IKEv2. This is due to an oddity within Windows where if only <code>CipherTransformsConstants</code> and <code>EncryptionMethod</code> are configured, Windows either sends the wrong encryption proposal (AES256 without GCM) or refused to connect with a policy mismatch. Once all three fields are defined, the connection works correctly. | |||
= Miscellaneous Settings = | = Miscellaneous Settings = | ||