MX-64 / PCI compliance/ Win 11 VPN Client

BMG71
Here to help

MX-64 / PCI compliance/ Win 11 VPN Client

Hi all, 

Using the script from @PhilipDAth https://www.ifm.net.nz/cookbooks/meraki-client-vpn.html

Works awesome for Win 10 w/ PCI compliance to set up a VPN Client.
Unfortunately, it does not work well with Win 11. 
With no PCI I was getting an error with the section: # Detect and Delete Previous VPN Profile
It would just post an error message and then shut down Powershell. Once I commented that section out it worked great
With PCI it is not working with Win 11 and I am getting the general error and then shut down Powershell
BMG71_0-1643909590224.png

It seems to be making the XML but then fails on making the profile. 
I created a VPN client manually but am at a loss on how to raise the encryption level on the Win 11 client to allow it to connect to our MX now. Meraki support could not really help me as well and there is not much info out there on Win 11 VPN clients or PS commands. 

Any ideas?

 

2 REPLIES 2
BMG71
Here to help

Fixed it with 
Set-VpnConnectionIPsecConfiguration -ConnectionName "vpnprofile" -AuthenticationTransformConstants SHA196 -CipherTransformConstants AES128 -EncryptionMethod AES128 -IntegrityCheckMethod SHA1 -PfsGroup None -DHGroup Group14 -PassThru -Force

PhilipDAth
Kind of a big deal
Kind of a big deal

Well done.  I haven't messed with Windows 11 yet (been avoiding it).  It looks like they made a change that is not backwards compatible.

 

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels