Dear Mikrotik Gurus

Currently I can connect windows 7 pro boxes using 3DES but the minute I change my settings to AES 256 I cant connect???

Set as 0.0.0.0/0 port 500
Firewall rules working

/ip ipsec peer
add enc-algorithm=aes-256 exchange-mode=main-l2tp generate-policy=yes \
hash-algorithm=sha1 nat-traversal=yes secret=xxxxxxxxxxxx

Chaning from 3DES to AES 256 windows 7 times out with a Error 789: The L2TP attemp failed because the security layer encountered a processing error during....
Yet if I flip it back to 3DES it works.....

Thanks for any info

For Phase 1 of IPSec Windows 7 supports only 3DES. However, you can configure any kind of encryption you like for Phase 2 (/ip ipsec proposal), and Windows will take it. I use aes-128 with no problems.