<html><body><div style="color:#000; background-color:#fff; font-family:times new roman, new york, times, serif;font-size:12pt"><div>Hi,</div><div><br></div><div>I have successfully built a strongSwan gateway and can connect Linux clients to it using certificates with Suite B cryptographic algorithms. I am using ECDSA-384 machine certificates with ike=aes256-sha384-ecp384! in the ipsec.conf settings and keyexchange=ikev2. As i said everything works great with linux road warrior clients or host-host and site-to-site. Now I cannot get Windows clients to work. I keep getting the IKEv2 Error13806 when i try to connect. I have tried Windows 7, 8, Server 2008, and Server 2012. If i use non Suite B encryption settings everything works fine and the same certificates that don't work in Windows will work fine on a Linux client.<br></div><div><br></div><div>I found the older posts about the Windows 7 and Server 2008 Agile VPN clients not working with ECDSA
certificates or only work with IKEv1, some kind of bug where it can't read or find the certificates, but this was going to change in Windows 8 and Server 2012. Has there been any progress made in getting this to work?</div><div><br></div><div>Any help would be greatly appreciated.<br></div><div></div></div></body></html>