Windows 10: Persistent errors with certificate hash algorithm selection on IKEv2 VPN with updated...

Hello, I have been dealing with VPN errors that persist across new OS installs and so seem to have to do with Windows 11 updates the PC is receiving. It is an IKEv2-only VPN with the native Windows client. Upon a new Windows 11 Pro installation from bootable media made with the Microsoft tool, the VPN works properly. However, eventually it will always start failing to connect after the computer has been updated. According to the server logs this is because, for unknown reasons, Windows begins ignoring the VPN connection configuration or becomes unable to use the proper algorithm to verify the

:)

 

SSL Certificate Signed Using Weak Hashing Algorithm

Tenable Scan provides the below report but i dont see any certificate with MD2, MD4, MD5, or SHA1.

Could you please advise the fix for this case?

An SSL certificate in the certificate chain has been signed using a weak hash algorithm.

The remote service uses an SSL certificate chain that has been signed using a cryptographically weak hashing algorithm (e.g. MD2, MD4, MD5, or SHA1). These signature algorithms are known to be vulnerable to collision attacks. An attacker can exploit this to generate another certificate with the same digital signature, allowing an attacker to masquerade as the affected service.



Note that this plugin reports all SSL certificate chains signed with SHA-1 that expire after January 1, 2017 as vulnerable. This is in accordance with Google's gradual sunsetting of the SHA-1 cryptographic hash algorithm.



Note that certificates in the chain that are contained in the Nessus CA database (known_CA.inc) have been ignored.

 

Ikev2 VPN Internal authentication error

Hi everyone,
I have windows 10 pro 20H2,
I have a problem with my Nordvpn protocal IKev2/IPsec as you see in screenshot.





Sometimes when I want to connect with Ikev2 it gives error named: Internal authentication error. But just after using browser or restarting pc ,the error get fixed and when I connect it then it connected (see picture).



I tried IKev2 of protonvpn free by installing its certificate and its work fine when ever I connect it,it always connect but nordvpn not. I tried connecting nordvpn just after disconnecting nordvpn but no success.

I also tried different locations & countries but all have same issue.

Please tell me why there is authentication error ,how I fix it and whether its windows ikev2 problem or nordvpn ,I followed their full tutorial to install ikev2 from nordvpn and this problem occur everytime even after clean install windows so I have to wait sometime before successfully connecting to VPN

 

Windows not ask for select a certificate when creating a VPN IKEv2 manually. Why?

I'm trying to create a VPN IKEv2 on Windows manually, because I'm having some problems to use my old generated VNet client from Azure.

I was following the instructions for Mac OS X to have some clues about to do the same on Windows. But when I create the VPN and choose as authentication type the "Certificate" and save the VPN, the Windows not ask for the certificate at any moment.

The instructions for Linux (using StrongSwan) also have the certificate selection.

I was able to connect with the created VPN (?), but as expected this not establish a secure connection that makes me able to access the Azure private network.

So, why a manually created VPN IKEv2 on Windows is not asking for a certificate?