Hi there,
i wanna ask if there is an idea in the future to made it possible that i can select which sha or aes i will use?
Currently there is only sha1 and aes128 available, but sha1 is already known as vulnerable.
So currently there is only one way to fix this, you had to setup an ipsec tunnel and then the eoip trough it.
And thats a little bit boring if you had so much tunnels as i have.
Thanks!
i suppose you can tweak the default proposal template to have more secure encryption and hash algorithms.
the default is:
[me@cloudtik] /ip ipsec proposal> print
Flags: X - disabled, * - default
0 * name="default" auth-algorithms=sha1 enc-algorithms=aes-128-cbc lifetime=30m pfs-group=modp1024
i highly encourage the usage of proper DH groups for perfect forward secrecy. Group 14 (modp2048) is considered as minimum, and one shall be rather using elliptic curve ones (group19+).
with regards to hashing, i’ll say SHA256 (or SHA512) for phase 1, and use aes256 at least.
with regards to the peer section, you don’t seem to have much alternatives than manually configuring your all your peers.
the defaults are as you said (aes128/3des and sha1) and i see no knob to control this. this is extremely unpleasant as phase1 is very important, if someone breaks into that, then you are screwed.
luckily we have modp2048 (group14) as default PFS setting here:
[me@cloudtik] /ip ipsec peer> export
# apr/15/2018 13:42:42 by RouterOS 6.41.4
# software id = KTQF-XXXX
#
#
#
/ip ipsec peer
add
[me@cloudtik] /ip ipsec peer> export verbose
# apr/15/2018 13:42:46 by RouterOS 6.41.4
# software id = KTQF-XXXX
#
#
#
/ip ipsec peer
add address=::/0 auth-method=pre-shared-key dh-group=modp2048,modp1024 disabled=no dpd-interval=2m dpd-maximum-failures=5 enc-algorithm=aes-128,3des exchange-mode=main generate-policy=no hash-algorithm=sha1 lifetime=1d nat-traversal=yes \
policy-template-group=default proposal-check=obey secret="" send-initial-contact=yes
just did a short test in the labs:
[me@cloudtik] /ip ipsec policy> /interface eoip print detail
Flags: X - disabled, R - running
0 R name="eoip1" mtu=auto actual-mtu=1388 l2mtu=65535 mac-address=FE:18:5E:B0:C2:49 arp=enabled arp-timeout=auto loop-protect=default loop-protect-status=off loop-protect-send-interval=5s loop-protect-disable-time=5m local-address=31.46.40.89
remote-address=31.46.40.79 tunnel-id=666 keepalive=1s,4 dscp=inherit clamp-tcp-mss=yes dont-fragment=no ipsec-secret="thisisthetest" allow-fast-path=no
[me@cloudtik] /ip ipsec policy> print detail
Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default
0 T * group=default src-address=0.0.0.0/0 dst-address=0.0.0.0/0 protocol=all proposal=default template=yes
1 DA ;;; eoip1
src-address=31.46.40.89/32 src-port=any dst-address=31.46.40.79/32 dst-port=any protocol=gre action=encrypt level=require ipsec-protocols=esp tunnel=no proposal=default ph2-count=2
as the dynamically created policy is using the “default” proposal, it is indeed running on more secure parameters:
[me@cloudtik] /ip ipsec> installed-sa print detail
Flags: H - hw-aead, A - AH, E - ESP
0 E spi=0x7E6D54E src-address=31.46.40.79 dst-address=31.46.40.89 state=mature auth-algorithm=sha512 enc-algorithm=aes-cbc enc-key-size=256
auth-key="0933dzzzzeca0809a994zzzz959f6c884a1d4b463a5c7e558a72080184bf5c579674598df64e794919a2115b520cf838ed7c7321467191f89688266f4d1f937e" enc-key="1e8695zzzzzc5b000756e97dzzzzzz527d4eb149fa912224e512b8bdc703f685" add-lifetime=24m/30m
replay=128
1 E spi=0xD9D2A5B src-address=31.46.40.89 dst-address=31.46.40.79 state=mature auth-algorithm=sha512 enc-algorithm=aes-cbc enc-key-size=256
auth-key="0933dzzzzeca0809a994zzzz959f6c884a1d4b463a5c7e558a72080184bf5c579674598df64e794919a2115b520cf838ed7c7321467191f89688266f4d1f937e" enc-key="1e8695zzzzzc5b000756e97dzzzzzz527d4eb149fa912224e512b8bdc703f685"
addtime=apr/15/2018 13:51:54 expires-in=22m28s add-lifetime=24m/30m current-bytes=8 current-packets=1 replay=128
but the dynamic peer config (responsible for phase1) is the “hard coded” default as i suggested:
[me@cloudtik] /ip ipsec> peer print detail
Flags: X - disabled, D - dynamic, R - responder
0 D ;;; eoip1
address=31.46.40.79/32 local-address=31.46.40.89 auth-method=pre-shared-key secret="thisisthetest" generate-policy=no policy-template-group=default exchange-mode=main send-initial-contact=yes nat-traversal=yes proposal-check=obey
hash-algorithm=sha1 enc-algorithm=aes-128,3des dh-group=modp2048,modp1024 lifetime=1d dpd-interval=2m dpd-maximum-failures=5
all in all, i’d like to see the following option in IPSec-capable routerOS interfaces (and servers):
[me@cloudtik] /interface eoip> print
Flags: X - disabled, R - running
0 R name="eoip1" mtu=auto actual-mtu=1388 l2mtu=65535 mac-address=FE:18:5E:B0:C2:49 arp=enabled arp-timeout=auto
loop-protect=default loop-protect-status=off loop-protect-send-interval=5s loop-protect-disable-time=5m
local-address=31.46.40.89 remote-address=31.46.40.79 tunnel-id=666 keepalive=1s,4 dscp=inherit
clamp-tcp-mss=yes dont-fragment=no ipsec-secret="thisisthetest" allow-fast-path=no
ipsec-peer-template=default
then the dynamic ipsec configuration would be done based on these.
so the initial configuration in routeros should look like this:
/ip ipsec peer template
add default local-address::/0 remote-address=::/0 auth-method=pre-shared-key secret="" exchange-mode=main \
policy-template-group=default nat-traversal=yes hash-algorithm=sha1 enc-algorithm=aes-128,3des \
dh-group=modp2048,modp1024 lifetime=1d dpd-interval=2m dpd-maximum-failures=5
so we could tweak all phase1 parameters in dynamic sessions, even certificate-based auth would be possible, and by setting “policy-template-group” to an user defined one we could also have control over phase2 parameters. but it would not break existing “not so secure” peers.
this should apply to:
and of course their v6 capable counterparts.
Yeah it would be really nice if this feature would be added, because i had to configure a lot of tunnels by hand. If it would be implementet that i can chose the profile, i didn’t need to configure for each peer a seperat ipsec tunnel and can use eoip with secret.
Or is there any other way that the Eoip Tunnel did not chose the default configuration? Or can i adjust the default and optimize it?
It’s really poor for me now 
Hi there,
any news about eoip with generating automated the ipsec tunnel with more than sha1 and aes128? Or do i still need to do this by hand?
kind regards
When you think that your data is so secret and important that aes128 is nog good enough for you, it should not be too much effort to manually configure IPsec.
It is quite easy, just setup with automatic IPsec first, then copy the generated IPsec setup and change it to your liking and remove the automatic IPsec.
In fact, when you are so concerned about Phase1 security, it is probably a good idea to instead look at your firewall rules so ISAKMP is only allowed from your peer(s).