I have configured the new MS Always on VPN technology that uses RADIUS, Active Directory Certificate Services and Windows RRAS:
https://docs.microsoft.com/en-us/window ... y-overview
Apparently it is possible to use an alternative VPN server than Windows Server RRAS, I was hoping to user our Mikrotik router instead.
The VPN uses IKEv2 with a user certificate issued from Active Directory Certificate Services, this is presented to the RADIUS server via PEAP authentication.
Does the Mikrotik suppoert IKEv2 with radius PEAP authentication?
You can read more about how to set this up using only the windows components here:
https://4sysops.com/archives/always-on- ... indows-10/
Apparently this is the new MS "standard" for corportate VPN, so would be sure good to get this working on the Mikrotik.
If anyone has any thoughts or ideas I would sure be grateful to hear them!