Windows server IPSec demand dial to IPFire IPSec

I’m hoping someone else has figured this out, but everyone seems to be using OpenVPN as the work-around. I’m trying to avoid installing a new application. Perhaps it isn’t doable, but if we get it here on the forum, others will know that it isn’t doable either if that’s the case.

I’m on core 144. Our family has one hold-out that isn’t using IPFire for various reasons, so we’ve changed our VPN strategy to use the more familiar hub-and-spoke method. One spoke (mine) uses an IPSec VPN to the hub and it works great. The hub also has road-warrior VPN enabled as well for mobile users.

Now I am trying to connect another family member, who is running Windows server 2019, to the HUB. Ideally, I’d like to use the “Demand-Dial” IPSec VPN included with Windows server to connect to the IPFire at the hub using IPSec. Does anyone have any experience in getting such a configuration to work?

With this user, I believe I was able to get OpenVPN running on an older server to connect, but since there is a new server now, I either have to go through the steps with OpenVPN or instead, I was hoping I could get the Windows VPN to work instead.

If the Demand-Dial VPN is configured on Windows, it requests a username and password for the endpoint, the IPFire. There is no corresponding username/password for IPFire IPSec so I’m stumped there.

Other than a Net2Net IPFire-IPFire connection, how else can one make a Net2Net IPSec connection to IPFire from Windows (server)?

Thanks very much!