Setting up IKEv2 VPN client on Windows 11
Posted by Aidil A. on 30 August 2022 12:42 PM
Adding NegotiateDH2048_AES256 into Windows registry
By default Windows 7 up to Windows 11 propose only the weak modp1024 Diffie-Hellman key exchange algorithm that has been deprecated by NIST Special Publication 800-57 Part 3 Revision 1 since 2015:
ike = 3des-aes128-aes192-aes256-sha1-sha256-sha384-modp1024
Therefore, any attempt connect to IKEv2 VPN server, you will getting
You will need to enable the modp2048 Diffie-Hellman group by adding the NegotiateDH2048_AES256 DWORD into the Windows registry using
Download following zip file:
Once downloaded, proceed to extract or decompress it. You should see one (1)
Double click on it to automatically merge NegotiateDH2048_AES256 into Windows registry.
Click Yes to continue
Click Ok to close the dialog box
Setting IKEv2 VPN client
Once NegotiateDH2048_AES256 added into your Windows registry, you are now ready to create a new IKEv2 VPN connection.
VPN information as stated below will be located within activation form email:
- VPN Server hostname
Create VPN connection
1. Select Network Settings. The network icon will depend on how your PC/notebook connected to the network.
PC/monitor icon if connected using network cable CAT5/CAT5e
Wave icon if connected using WiFi
2. Create a new VPN connection
3. Click Add VPN
4. In Add a VPN connection, do the following:
Edit VPN connection properties
Once the VPN connection created, open its properties via
Alternatively, click on Windows start button and type
3. Select the VPN connection you have created earlier and right-mouse click on it and select
You are now ready connect to the IKEv2 VPN server. Select your VPN connection and click on
Connect to a VPN
Once VPN connection no longer needed, select your VPN connection and click on
If you face any difficulties on the setup, please feel free to contact our support team by submitting a ticket on https://247livesupport.biz or emailing out support team at firstname.lastname@example.org.