L2TP/IPSEC VPN Windows connection problems

Hello,

Apologies for the delayed response. I have updated instructions on how to establish this connection successfully.

1. Firstly, it is necessary to generate certificates on Linux. (On my Windows PC, I installed Ubuntu CLI from the Microsoft Store and performed all the steps there). To do so, execute the following commands:

  1. ipsec pki --gen > caKey.der

  2. ipsec pki --self --in caKey.der --dn "C=CH, O=strongSwan, CN=RUT_pub_IP" --ca > caCert.der

  3. ipsec pki --gen > serverKey.der

  4. ipsec pki --issue --in serverKey.der --type priv --cacert caCert.der --cakey caKey.der --dn "C=CH, O=strongSwan, CN=RUT_pub_IP" --san RUT_pub_IP --san @RUT_pub_IP --flag serverAuth --flag clientAuth --flag ikeIntermediate > serverCert.der

  5. openssl x509 -inform der -outform pem -in caCert.der -out caCert.crt

  6. openssl x509 -inform der -outform pem -in serverCert.der -out serverCert.crt

  7. openssl rsa -inform der -outform pem -in caKey.der -out caKey.key

  8. openssl rsa -inform der -outform pem -in serverKey.der -out serverKey.key

Remember to change all instances of RUT_pub_IP to the RUT’s public IP address.

2. Next, configure L2TP as shown in the screenshot below:

3. Then, configure IPSEC as depicted in the screenshots provided.


4. Following that, double click on the caCert.crt certificate file:

  1. Press ‘Open’.

  2. Press ‘Install Certificate’.

  3. Select ‘Local Machine’ and press ‘Next’.

  4. Select ‘Automatically select the certificate’ and press ‘Next’ and ‘Finish’.

5. Once these steps are completed, configure L2TP/IPSEC with certificates on Windows, save the settings as shown in the screenshot, and connect.

Hope this helps!

Best Regards,
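
A check that can be run on the files from step 1 before importing them, added here as an example and not part of the original post: it confirms that serverCert.crt chains to caCert.crt, that the router address is an exact subjectAltName entry, that the serverAuth flag is present, and that the converted key belongs to the certificate. The function name `check_server_cert` is hypothetical, `openssl` is assumed to be on the PATH, and 203.0.113.10 in the comments is a placeholder documentation address.

```shell
#!/bin/sh
# Added example, not from the original post. check_server_cert is a
# hypothetical helper name; it only needs openssl on the PATH.
# Usage: check_server_cert caCert.crt serverCert.crt <RUT public IP> [serverKey.key]
check_server_cert() {
    ca=$1; cert=$2; addr=$3; key=${4:-}
    rc=0

    # 1. The server certificate must chain to the CA imported on Windows.
    if ! openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1; then
        echo "FAIL: $cert does not verify against $ca" >&2; rc=1
    fi

    text=$(openssl x509 -in "$cert" -noout -text 2>/dev/null) || return 2

    # 2. The address the client connects to must be a subjectAltName entry.
    #    Entries are compared whole, so 203.0.113.1 does not match 203.0.113.10.
    san=$(printf '%s\n' "$text" |
        awk '/Subject Alternative Name/ { getline; gsub(/ /, ""); print }')
    case ",$san," in
        *",IPAddress:$addr,"* | *",DNS:$addr,"*) ;;
        *) echo "FAIL: $addr is not in subjectAltName (${san:-none})" >&2; rc=1 ;;
    esac

    # 3. --flag serverAuth is printed by openssl as this extended key usage.
    if ! printf '%s\n' "$text" | grep -q 'TLS Web Server Authentication'; then
        echo "FAIL: serverAuth extended key usage is missing" >&2; rc=1
    fi

    # 4. Optional: the converted private key must belong to the certificate.
    if [ -n "$key" ]; then
        want=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null)
        have=$(openssl pkey -in "$key" -pubout 2>/dev/null)
        if [ -z "$have" ] || [ "$want" != "$have" ]; then
            echo "FAIL: $key does not match $cert" >&2; rc=1
        fi
    fi
    return $rc
}

# Run the check when the script is called with arguments.
if [ "$#" -ge 3 ]; then
    check_server_cert "$@"
fi
```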