[strongSwan] Strong swan 5.1.1 and Windows XP
Martin Willi
martin at strongswan.org
Wed Dec 10 11:24:37 CET 2014
Hi,
> I have tried both using the native client of Windows XP (that does not
> connect at all)
The XP client configured through the RAS GUI uses L2TP/IPsec, that is a
L2TP tunnel protected by IPsec in transport mode using IKEv1. strongSwan
can handle the IPsec protection only, for L2TP you'll need a L2TP
daemon. There are probably some guides out there how to get that
working, but please be aware that there are some difficulties with NAT.
> and using two vpn clients, ShrewSoft and TauVPN, (that
> establish IKE phase 1 SA but fail at phase 2)
Shrew should actually work fine with strongSwan, but there is a large
bunch of authentication methods and other options to use. Please provide
some failure logs.
Haven't used TauVPN for a while; If you can configure the XP stack with
some standard IPsec using IKEv1 with certificate authentication, that
might work.
Given that XP has reached end-of-life anyway, I'm not sure if it is
worth the effort. If you really need XP support, Shrew is probably the
best option.
Regards
Martin
More information about the Users
mailing list