It’s Windows 11, updated… It should have proper ciphers.
I would hope so but it seems to only be asking for MODP-1024.
Maybe show a screenshot of the Advanced WUI page for your IPSec connection so we can see what ciphers, groups etc are selected and would be compared to the ones proposed from your client.
13[CFG] selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_512/ECP_521
Is not that…
It just fails.
07[ENC] generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Try these first (see RED box) in the Advanced WebGUI page
This is from the IPFire Wiki page:
https://www.ipfire.org/docs/configuration/services/ipsec/host-to-net/windows
1 Like