Thank you!The vlan-bridge interface must be listed as tagged for vlan 14 in /interface/bridge/vlan.
Encr key was only 64 characters. But ok, strongest first. good to know.strongest will be preferred. You can see which one exactly is picked by enabling ipsec logs, or counting how long are keys in SAs
Related question, if I have both aes-128-cbc & aes-256-cbc selected in IPSec proposal, is there any way to know which one is used? Enryption tab in IPSec SA says only "aes cbc".Yes, hw encryption works for all aes-cbc algorithms.
They also forgot to mention SD slot and confirmed it already, so maybe we have hope.They forgot to include it in the spec overview?If you go back to the first post you will see a USB port in the photo.
That is only working method I have figured out so far, but if someone knows better way, I'm also very interested.Or must I have that manually set in the Shrew client configs?
Has not happened for me either with 6.13, so this looks promising!Apparently this issue has been fixed in 6.13. From yesterday, all clients (6 clients using L2TP/IPSec) were connected. Today cache size is 56 now. Normally it would be something between 2k-4k.
Wrong place to ask.. Contact Microsoft and ask them if such feature will be implemented.
That was that "is there any possibilities" -section of my question.
Anyway, EAP authentication with certificates is supported by Microsoft SSTP-solution.