SoftEther VPN User Forum

So the combination above does not work for me. The built in client does not work for me using AD authentication since we have NTLMv1 disabled in our domain. It does work if I create the users manually and assign passwords. It also works with the SE Client. The result is the same using L2TP or SSTP.

For ease of use, I would really like to have users be able to use the built in clients.

Has anyone found a way to make this combination work? I have gotten a work around of configuring Network Policy Server on the server to use Radius authentication but the powers that be have concerns with radius security.

Setup:
SE VPN Server is on a Windows 2012 server joined to a domain that has NTLMv1 disabled (level 5 fwiw). Client is a Windows 10 machine using either L2TP or SSTP built in client.

Please try to enable PAP in the client.

i don't see any where to enable PAP on my windows 10 PC under the VPN connection

Doing this reg hack corrected the problem on my windows 10 computer

For Windows XP:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSec
RegValue: AssumeUDPEncapsulationContextOnSendRule
Type: DWORD
Data Value: 2

For Windows Vista, 7, 8, 10, and 2008 Server:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
RegValue: AssumeUDPEncapsulationContextOnSendRule
Type: DWORD
Data Value: 2

Note that after creating this key you will need to reboot the machine