I’m trying to connect my Mikrotik to another L2TP server over IPsec.
The receiving end requires DH group 14 but the dynamic peer that the L2TP generates only has modp1024 checked off under the IPsec “Peers” tab on the webgui.
Is there a way to change the default encryption algorithms and DH groups when using an L2TP client?
I’ve been searching google and all the possible settings on the CLI and I can’t find anything.
Thanks
Let me see some logs.
You can by making static ipsec configuration, instead of “use-ipsec” option in l2tp settings.
Hi,
thank you for your answer mrz.
It would be really nice, if the IPSec parameters could be specified in the L2TP-client interface settings. Regarding the default hashing algorithm, which is curently SHA1, one could say it is absolutely necessary to make the L2TP-clients IPSec parameters configurable.
Regards,
Ape