L2TP/IPsec VPN with PSK on Windows 10 connecting to RRAS

When trying to connect a Windows 10 client to Server 2019 Routing and Remote Access L2TP/IPsec tunnel two important settings are required on the client that aren’t commonly documented:

  1. Maximum strength encryption:
    • Settings -> Network -> VPN
    • Change Adapter Options
    • Change Settings on this connection
    • Security -> Data encryption -> Maximum strength encryption
  2. Registry entry AssumeUDPEncapsulationContextOnSendRule set to 2, to enable Client and Server to be behind NAT devices – see: https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/configure-l2tp-ipsec-server-behind-nat-t-device