L2TP / IPsec encrption algorhytm

atomicduck · August 25, 2022, 11:47am

Hello, I have a Q regarding IPsec encryption algorithms, after some testing of SSTP and abysmally slow connection speed (about 5-6 mbps whatever I do) I established L2TP/IPsec connection which seems to work fine.

Now, I understand that by default encryption is rather weak, so I wanted to doublecheck if what I put up now is enough. Please see attached images. In essence, I set:
under proposals:
auth: sha-256
enc: aes-256-cbc

under profiles:
hash: sha-256
enc: aes-256

Everything works and saturates the link speed, so the Q is if this is secure enough?

Thanks!

tdw · August 26, 2022, 7:46pm

I used https://www.ncsc.gov.uk/guidance/using-ipsec-protect-data as a reference several years ago, the legacy profile being more than suffcient for the data involved.

/ip ipsec profile
set [ find default=yes ] dh-group=modp2048 enc-algorithm=aes-128 hash-algorithm=sha256
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha256 enc-algorithms=aes-128-cbc lifetime=8h pfs-group=modp2048

See the comments regarding using PSKs instead of certificates, in particular the entropy required - something along the lines of head -c 24 /dev/urandom | base64 on a linux system.

atomicduck · August 26, 2022, 9:35pm

Thank you. That document is amazing really, as it is highly useful. I hope my government would do things like that…
I implemented your suggestions, as I think they are valid.

As for certs vs PSK, I use this VPN for site to site, and keys are 250 chars long, complex gibberish. If someone manages to crack that, well, congrats.

PSK is simple, and if implemented correctly it works. I also use SSTP, as that thing works everywhere, but certificates are a hassle.