Windows cipher support
About the relatively weak default ciphers in Windows, and alternatives.
By default, Microsoft supports Diffie-Hellman Group 2 for the key exchange process with a client. In general, cyber-security experts consider this to be weak; and the industry is also on a trend away from SHA1.
At present, Microsoft does not provide a way for us to increase the strength of the ciphers that we use through the VPN GUI. Instead, we must use VpnClient cmdlets to configure stronger algorithms through Powershell.
RA VPN server negotiation example
An example of how the RA VPN server will respond where: (1) the Windows 10 client uses the default algorithms to negotiate, (2) the RA VPN server uses the strong algorithms that we recommend.
# Security Ciphers Proposed by Windows 10
received proposals: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:3DES_CBC/H
MAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC_128/HMAC_SHA2_384_192
/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_CBC_192/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_192/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC_192/HMAC_SHA2_384_192/PRF_HMAC_SHA2_3
84/MODP_1024, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC_256/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024, IK
E:AES_GCM_16_128/PRF_HMAC_SHA1/MODP_1024, IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_GCM_16_128/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_GCM_16_256/PRF_HMAC_SHA1/MODP_1024, IKE:AES_GCM_16
_256/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_GCM_16_256/PRF_HMAC_SHA2_384/MODP_1024
# Security Ciphers Configured on RA VPN Server
configured proposals: IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/ECP_256
remote host is behind NAT
received proposals unacceptable # Mismatch in Proposals so negotation fails
generating IKE_SA_INIT response 0 [ N(NO_PROP) ]