1

I use a Fritzbox 7530 Router in my home network as a VPN server. The VPN is configured as "IPSec Xauth PSK" with following settings: server name, IPSecID, IPSec shared key, user name and password. The connection works just fine using an Android Device with a preinstalled VPN client but I cannot do the same using Windows 10 Pro or Ubuntu 20. In both configurations the connection cannot be established at all.

Android phone settings (VPN works just fine):

enter image description here

Windows 10 Pro settings:

enter image description here

Ubuntu 20 settings:

enter image description here

enter image description here

I guess if it works fine with Android it has to work with any system which fulfils the requirments. Do you have an experience with such problems?

Improve this question
1

3 Answers 3

Reset to default
1

XAUTH is not supported by all VPN clients, and this is by design.

The reason for this is found in the article VPN server for remote clients using IKEv1 XAUTH with PSK

Using XAUTH PSK is the least secure mode of running IKE/IPsec. The reason is that everyone in the "group" has to know the PreShared Key (called PSK or secret). Even if you require further authentication, such as a username and password, someone that knows the PSK can launch a man-in-the-middle attack pretending to be the VPN server, If the client connects to the rogue server, it will tell the attacker their username and password.

The article lists clients that do support this unsafe security protocol :

Supported clients:

  • All Apple iphones, ipads
  • Mac OSX
  • Android
  • Linux with NetworkManager or commandline
  • Microsoft Windows using a third party client such as the Cisco client, or the free Shrew Soft client

You could use one of the above clients, or choose another VPN that doesn't use XAUTH PSK.

Improve this answer
0

Unfortunately this is just not possible with Windows 10. I‘ve tried for ages but there is something with the protocols the Fritz!Box expects.

There is however a programme for windows made by AVM that allows you to generate a setup file for the VPN Client Fritz!Fernzugang. For further instructions see here (unfortunately in German).

Improve this answer
2
  • Thank you for your answer! I'm from Germany so it's ok for me to read German stuff. I already tried this program and it worked for me, but I couldn't use the android connection any more. Some how those to configurations cannot coexist at the same time.
    – Anton
    Commented Aug 6, 2022 at 23:08
  • I figured that you are from Germany as your screenshots are in German, but on this site everything is in English. If you want to use both, you need to have two users set up
    – DarkDiamond
    Commented Aug 7, 2022 at 7:20
0

Unfortunately it's really impossible to connect to the "IPSec Xauth PSK" from Windows how @harrymc noticed in his answer. I could solve the problem by creating a virtual machine with Android following this video How to Install Android on VirtualBox (2021).

As Android supports this kind of VPN connections I could do it the same way I did on my phone and it works like a charm. I know this is not the best way to solve the problem, but I'll stick to it for now.

Please fill free to post other ideas if you have some.

P.S.

A few words on what I learned from this experience: I did not know that "IPSec Xauth PSK" and "L2TP IPSec PSK" a different methods and are not compatible to each other.

Here you can see the VPN kinds supported by Android by default:

VPN kinds supported by Android

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .