Windows IoT Core VPN Private-key support

Daniel Grothman 1 Reputation point
2021-03-23T21:23:28.187+00:00

I have followed the example VPN code from the following site:
https://learn.microsoft.com/en-us/windows/iot-core/connect-your-device/vpn
Unfortunately, looking through the linked documentation, there is no way to set the pre-shared key, so using a lt2p w/ pre-shared key is not possible. Any possibility for a update to allow setting the pre-shared key? I currently have it working as pptp with a username and password and using the ConnectProfileWithPasswordCredentials from the VpnManagementAgent class documented https://learn.microsoft.com/en-us/uwp/api/windows.networking.vpn.vpnmanagementagent?view=winrt-19041

Windows for IoT
Windows for IoT
A family of Microsoft operating systems designed for use in Internet of Things (IoT) devices.
409 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Cris Zhan-MSFT 6,646 Reputation points
    2021-03-25T01:41:06.57+00:00

    Hi,

    >there is no way to set the pre-shared key, so using a lt2p w/ pre-shared key is not possible. Any possibility for a update to allow setting the pre-shared key?

    It seems that there is no way to set PSK with the code in UWP.
    https://stackoverflow.com/questions/47280840/uwp-create-vpn-connection

    This is a C# UWP VPN sample.
    https://github.com/bsld/Csharp-UWP-VPN-Sample

    Also please note that Microsoft does not encourage the use of preshared keys, because it is a less secure method of authentication than certificates. Preshared keys are not meant to replace the use of certificates; instead, preshared keys are another method for testing and internal operations. Microsoft strongly recommends that you use certificates with L2TP whenever possible.
    https://learn.microsoft.com/en-us/troubleshoot/windows-server/windows-security/configure-preshared-key-to-use-l2tp

    0 comments No comments

  2. Daniel Grothman 1 Reputation point
    2021-03-25T19:38:39.117+00:00

    I would hope, even if they don't encourage the use of preshared keys, they would still provide us with a way to add the PSK in code, because in Windows IoT Core there is not UI to add the key.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.