Update 06-Feb-2025: added recommendations from NCSC, a list of modifications to the pfSense guide, and an updated command to modify an existing Windows 10 VPN configuration
This is an out of the box workaround if having trouble connecting to a pfSense IKEv2 VPN with iOS and Windows 10 devices after following the pfSense recipe:
https://docs.netgate.com/pfsense/en/latest/recipes/ipsec-mobile-ikev2-eap-mschapv2.html
When iOS clients (version 15) tried to connect, the device error was “An unexpected error occurred.” In the pfSense logs there were errors similar to:
[IKE] <con-mobile|112> no acceptable proposal found
[IKE] <con-mobile|112> failed to establish CHILD_SA, keeping IKE_SA
[CHD] <con-mobile|112> CHILD_SA con-mobile{71} state change: CREATED => DESTROYING
The following change may work for you:
- Phase 2 configuration -> Encryption Algorithms -> AES – change to Auto
When Windows 10 clients tried to connect, the device error was “Policy match error”. In the pfSense logs there were errors similar to:
[CFG] <con-mobile|122> no acceptable ENCRYPTION_ALGORITHM found
[IKE] <con-mobile|127> no acceptable proposal found
The following changes may work for you:
- Phase 1 configuration -> create a new Encryption Algorithm -> Algorithm AES -> Key length 256 bits -> Hash SHA1 -> DH Group 2 (1024 bit)
- Phase 2 configuration -> Hash Algorithms -> add SHA1
Note: the pfSense recipe indicates a PFS key group is not supported with a manual VPN configuration in iOS, however setting it to 14 (2048 bit) per the recipe did not cause any issues in iOS17. In fact, any value was accepted.
Try the connection again to verify if it is successful.
Long term you may want to consider modifying the default Windows 10 VPN configuration due to Microsoft stating that “these settings aren’t secure for IKE exchanges”:
https://docs.microsoft.com/en-us/windows/security/identity-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections
Windows supports several different manual configurations, but not all of them are secure:
https://learn.microsoft.com/en-us/powershell/module/vpnclient/set-vpnconnectionipsecconfiguration?view=windowsserver2025-ps&viewFallbackFrom=win10-ps&preserve-view=true
The recommendations from the NCSC (year 2022) are to use Group 14 or Group 19 to provide adequate security through 2027:
https://www.ncsc.gov.uk/guidance/using-ipsec-protect-data
After creating a VPN connection with the default security settings, you can modify the configuration in Windows using the PowerShell cmdlet Set-VpnConnectionIPsecConfiguration:
https://docs.microsoft.com/en-us/powershell/module/vpnclient/set-vpnconnectionipsecconfiguration?view=windowsserver2022-ps
To help distinguish the Phase 1 and Phase 2 settings, you can reference this table:
https://serverfault.com/questions/1106128/what-do-the-parameters-of-set-vpnconnectionipsecconfiguration-mean
A modified form of the pfSense guide, but more secure and highly compatible with both iOS and Windows 10:
Phase 1
- Encryption Algorithm: AES
- Key length: 256 bits
- Hash: SHA256
- DH Group: 14
Phase 2
- Encryption Algorithms: AES
- In the dropdown next to AES, choose 256 bits
- Hash Algorithms: SHA256
- PFS key group: 14 (2048 bit)
All other settings not mentioned above should be per the guide.
The last step is to replace the default SHA1 and DH Group 2 setting in Windows 10 with the more secure method (2048-bit MODP Group 14). Replace EXAMPLE with the name of the VPN connection you created.
- Similar to iOS clients, in pfSense set Phase 2 configuration -> Encryption Algorithms -> AES – change to Auto
- Modifying the existing VPN connection using PowerShell:
Set-VpnConnectionIPsecConfiguration -ConnectionName "EXAMPLE" -AuthenticationTransformConstants SHA256128 -CipherTransformConstants AES256 -EncryptionMethod AES256 -IntegrityCheckMethod SHA256 -DHGroup Group14 -PfsGroup PFS2048
- When asked to change the Cryptography Settings, choose Yes to continue.
- Try to connect to the VPN
Alternatively, to use the second recommendation by NCSC (Group 19):
Set-VpnConnectionIPsecConfiguration -ConnectionName "EXAMPLE" -AuthenticationTransformConstants SHA256128 -CipherTransformConstants AES256 -EncryptionMethod AES256 -IntegrityCheckMethod SHA256 -DHGroup ECP256 -PfsGroup ECP256