This article describes how to deploy L2TP over IPSec VPN connections on Windows 10.
NOTE - This article was written using Windows 10 OS Build 14393.351. To check your build number type winver in the Windows "Ask me anything" box. Mismatched versions may lead to mismatched settings.
Click the Start button in the bottom-left corner of the screen. Click on Settings.
Click on Network & Settings.
Select VPN in the left-hand menu. Then click on Add a VPN connection
For the VPN Provider field select Windows (built-in). Fill in each field:
Connection name - Can be anything
Server name or address - This will be the public IP of the NGFW. If there are multiple public IP's this would be whatever IP address is in the Server Listen Addresses under the VPN Config tab.
VPN type - L2TP/IPSec with pre-shared key
Pre-shared key - enter the IPSec Secret from the VPN Config tab of the IPSec module on the NGFW.
Type of sign-in info - User name and password
User name (optional) - The username to be used for this connection
Password (optional) - The password to be used for this connection
Click on Change adapter options
In the connections list find the connection named in Step 4. Right-click on that connection and select Properties.
On the Security tab, select Allow these protocols then check the box labeled Microsoft CHAP Version 2 (MS-CHAP v2)
Go back to the Network & Internet Settings window and click on the VPN connection.
Click the Connect button.
You should see the status Connected after the connection completes.