Mikrotik Setup

Certificate Setup

IPSEC Setup

Client Setup

Android

Certificate Import

Native v14 client

Doesn't like DNS server names, for whatever reason.

StrongSWAN Client

Windows

Certificate Import

Place in the Personal machine store; move the CA to Trusted.

A registry edit is required to set DH2048 with AES256:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Parameters

DWORD (32-bit) NegotiateDH2048_AES256 with a value of 2
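
The same registry change can be applied and verified from PowerShell instead of regedit. This is an added example, not part of the original notes; it uses only the key path, value name and data given above, and the variable names are illustrative.

```powershell
# Added example: set the RasMan value from these notes idempotently and verify it.
$path = 'HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Parameters'
$name = 'NegotiateDH2048_AES256'
$want = 2   # data value given in the notes above

# Writing under HKLM needs an elevated session; fail early with a clear message.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this from an elevated PowerShell session.'
}

# Read the current data; $null means the value does not exist yet.
$current = (Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue).$name

if ($current -ne $want) {
    # -Force replaces an existing value, including one created with the wrong type.
    New-ItemProperty -Path $path -Name $name -PropertyType DWord -Value $want -Force | Out-Null
}

# Read back through the RegistryKey object to confirm both data and type.
$key  = Get-Item -Path $path
$data = $key.GetValue($name)
$kind = $key.GetValueKind($name)
if ($data -ne $want -or $kind -ne [Microsoft.Win32.RegistryValueKind]::DWord) {
    throw "Unexpected state: $name = $data ($kind)"
}
'{0} = {1} ({2})' -f $name, $data, $kind
```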

References

https://mum.mikrotik.com/presentations/MY19/presentation_7008_1560543676.pdf

https://forum.mikrotik.com/viewtopic.php?t=151259

https://www.stevenjordan.net/2016/09/secure-ikev2-win-10.html