In a series of posts I am documenting my switch from an OS X-only world to a Windows 10 client. This time: connecting to an L2TP/IPsec VPN on a server running OS X Server 10.6.8, where the setup is like this:
So let's begin on the Windows 10 side:
- create a new VPN network connection in the network center
- right click properties -> General: add a hostname
- Options -> set PPP options
- Security Settings
- Note the pre-shared key; you'll set it in the OS X Server settings later on.
- Now follow exactly these steps in order to set the correct security settings for your Windows 10 client. Note: these worked for me even though it says Windows 7.
- Restart Windows
Now, for the gateway: in order to get the traffic for L2TP/IPsec correctly tunneled, I needed to forward these ports to my local server:
- UDP 45, 500, 4500, 1701
As I am using a Zyxel Speedlink 5501, this looked like this (Web-Administration > Security > Port-Forwarding):
On the OS X Server side, I set up the VPN through the Server Admin panel. I used MS-CHAPv2 and a shared secret:
Of course, you need to have a valid user/password for the server machine in order to connect successfully.
Update 1: After a first test this broke my SMB connections from the Windows 10 machine to another OS X client on the network. 🙁
Update 2: Fixed the problem above. To either connect to OS X Server via VPN or to another OS X machine, it is "OK" to set the "Network Security: LAN Manager authentication level" to "Send NTLMv2 response only". I was still able to connect to the VPN successfully.
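The Windows-side setup and the Update 2 policy check can also be done from an elevated PowerShell prompt. This is an added example, not part of the original post: the connection name and server hostname are placeholders, and the table maps the `LmCompatibilityLevel` registry value to the policy names shown in the Local Security Policy editor.

```powershell
# Added example (not from the original post). Run in an elevated PowerShell session.
# Placeholder values: replace with your own before use.
$Name   = 'OSX-Server-L2TP'           # hypothetical connection name
$Server = 'vpn.example.com'           # placeholder for the server's public hostname
$Psk    = Read-Host 'Pre-shared key'  # the shared secret configured in Server Admin

# Create the connection only if it does not exist yet:
# L2TP/IPsec with a pre-shared key, MS-CHAPv2 user authentication, encryption required.
if (-not (Get-VpnConnection -Name $Name -ErrorAction SilentlyContinue)) {
    Add-VpnConnection -Name $Name -ServerAddress $Server -TunnelType L2tp `
        -L2tpPsk $Psk -AuthenticationMethod MSChapv2 `
        -EncryptionLevel Required -Force
}

# Show what was actually stored, to compare against the GUI settings.
Get-VpnConnection -Name $Name |
    Format-List Name, ServerAddress, TunnelType, L2tpIPsecAuth,
                AuthenticationMethod, EncryptionLevel

# "Network Security: LAN Manager authentication level" is stored as LmCompatibilityLevel.
$levels = @{
    0 = 'Send LM & NTLM responses'
    1 = 'Send LM & NTLM - use NTLMv2 session security if negotiated'
    2 = 'Send NTLM response only'
    3 = 'Send NTLMv2 response only'
    4 = 'Send NTLMv2 response only. Refuse LM'
    5 = 'Send NTLMv2 response only. Refuse LM & NTLM'
}
$lsa = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' `
        -Name LmCompatibilityLevel -ErrorAction SilentlyContinue

if ($null -eq $lsa) {
    Write-Output 'LmCompatibilityLevel is not set; the OS default applies.'
} else {
    $value = [int]$lsa.LmCompatibilityLevel
    Write-Output ("LmCompatibilityLevel = {0} ({1})" -f $value, $levels[$value])
    if ($value -lt 3) {
        # Below 3 the client still answers with LM or NTLMv1 responses.
        Write-Warning 'Client may send LM/NTLMv1 responses; Update 2 uses level 3.'
    }
}
```

The script only reads the LAN Manager level; changing it is left to the policy editor as described in Update 2.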