MikroTik community forum

Windows 7 with AES 256

RouterOS Beginner Basics

tcpip77 March 14, 2013, 8:33pm 1

Dear Mikrotik Gurus

Currently I can connect windows 7 pro boxes using 3DES but the minute I change my settings to AES 256 I cant connect???

Set as 0.0.0.0/0 port 500
Firewall rules working

/ip ipsec peer
add enc-algorithm=aes-256 exchange-mode=main-l2tp generate-policy=yes
hash-algorithm=sha1 nat-traversal=yes secret=xxxxxxxxxxxx

Chaning from 3DES to AES 256 windows 7 times out with a Error 789: The L2TP attemp failed because the security layer encountered a processing error during…
Yet if I flip it back to 3DES it works…

Thanks for any info

tomaskir March 15, 2013, 11:40am 2

For Phase 1 of IPSec Windows 7 supports only 3DES. However, you can configure any kind of encryption you like for Phase 2 (/ip ipsec proposal), and Windows will take it. I use aes-128 with no problems.