DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
IPSEC VPN that is NOT SHA-1
- tch@iqx.co.uk
- Topic Author
- Offline
- New Member
Less
More
- Posts: 3
- Thank you received: 0
27 Mar 2018 15:27 #91200
by tch@iqx.co.uk
IPSEC VPN that is NOT SHA-1 was created by tch@iqx.co.uk
I have tried everything I can think of without success so I'm come to those that know.
We have a couple of 2925n+ routers with a LAN-LAN VPN that is working well. After getting to 3.8.7 we were able to create a site to site dial up that uses AES-SHA256 without issue.
Then we wanted to improve the encryption for the Client VPN dial-in. While getting the AES element is not a problem getting the system to support SHA256 seems to be beyond me.
The clients are a combination of Windows 8.1 and 10 and every time I look at the connection manager I see AES-SHA1
Does anyone one have the steps involved to create a secure client to site VPN or is it time to replace these routers with something that might have some security.
Thanks
Tim
We have a couple of 2925n+ routers with a LAN-LAN VPN that is working well. After getting to 3.8.7 we were able to create a site to site dial up that uses AES-SHA256 without issue.
Then we wanted to improve the encryption for the Client VPN dial-in. While getting the AES element is not a problem getting the system to support SHA256 seems to be beyond me.
The clients are a combination of Windows 8.1 and 10 and every time I look at the connection manager I see AES-SHA1
Does anyone one have the steps involved to create a secure client to site VPN or is it time to replace these routers with something that might have some security.
Thanks
Tim
Please Log in or Create an account to join the conversation.
- tch@iqx.co.uk
- Topic Author
- Offline
- New Member
Less
More
- Posts: 3
- Thank you received: 0
28 Mar 2018 09:41 #91204
by tch@iqx.co.uk
Replied by tch@iqx.co.uk on topic Re: IPSEC VPN that is NOT SHA-1
I don't believe that this is true as the SHA256 should be set on the router, but support has said the following and if true, there is a major problem that every Draytek has with their VPNs
"Our Smart client software does not support SHA256, the next best solution would be to use another 3rd party software that supports this encryption."
If support is coming out with lines like this, is there someone who should know?
Thanks
Tim
"Our Smart client software does not support SHA256, the next best solution would be to use another 3rd party software that supports this encryption."
If support is coming out with lines like this, is there someone who should know?
Thanks
Tim
Please Log in or Create an account to join the conversation.
- tch@iqx.co.uk
- Topic Author
- Offline
- New Member
Less
More
- Posts: 3
- Thank you received: 0
28 Mar 2018 11:46 #91206
by tch@iqx.co.uk
Replied by tch@iqx.co.uk on topic Re: IPSEC VPN that is NOT SHA-1
I was contacted by Louis from Draytek from where I made a documentation suggestion and that has produced a line of investigation that has borne fruit!
The suggestion was to modify the connecting workstation and set:
Windows firewall with advanced security --> (right panel) Properties --> IPsec Settings --> Customize IPsec defaults --> Key Exchange (advanced)
You can set defaults etc. however this was NOT successful in changing the connection from AES-SHA1
We then took this a stage further and used powershell to modify the connection as per
https://docs.microsoft.com/en-gb/powershell/module/vpnclient/set-vpnconnectionipsecconfiguration?view=win10-ps
The connection we used was
Set-VpnConnectionIPsecConfiguration -ConnectionName "Office" -AuthenticationTransformConstants SHA256128 -CipherTransformConstants AES256 -EncryptionMethod AES256 -IntegrityCheckMethod SHA256 -PfsGroup None -DHGroup Group14 -PassThru -Force
The element that is critical is the -AuthenticationTransformConstants SHA256128 and we haven't played with the other available options todate.
This gives a client connection that is at least AES-SHA256 and therefore provides a small challenge to decrypt rather than none at all.
I hope that someone finds this useful.
Thanks
Tim
The suggestion was to modify the connecting workstation and set:
Windows firewall with advanced security --> (right panel) Properties --> IPsec Settings --> Customize IPsec defaults --> Key Exchange (advanced)
You can set defaults etc. however this was NOT successful in changing the connection from AES-SHA1
We then took this a stage further and used powershell to modify the connection as per
The connection we used was
Set-VpnConnectionIPsecConfiguration -ConnectionName "Office" -AuthenticationTransformConstants SHA256128 -CipherTransformConstants AES256 -EncryptionMethod AES256 -IntegrityCheckMethod SHA256 -PfsGroup None -DHGroup Group14 -PassThru -Force
The element that is critical is the -AuthenticationTransformConstants SHA256128 and we haven't played with the other available options todate.
This gives a client connection that is at least AES-SHA256 and therefore provides a small challenge to decrypt rather than none at all.
I hope that someone finds this useful.
Thanks
Tim
Please Log in or Create an account to join the conversation.
- macavity
- Offline
- Member
Less
More
- Posts: 225
- Thank you received: 0
29 Mar 2018 16:08 #91224
by macavity
Thanks. That's great, I'm sure people will.
Why does SHA1 provide no challenge at all? If you're referring to collisions. My understanding is that IKE / ESP mode is designed to mitigate against collision attacks so SHA1 is acceptable for use, where as the same advice wouldn't apply to a SHA1 signed certificate.
It is recommended to use SHA-256 but it's still acceptable to use SHA-1, there are some client operating systems around that don't support SHA-256
https://www.ncsc.gov.uk/guidance/using-ipsec-protect-data
Replied by macavity on topic Re: IPSEC VPN that is NOT SHA-1
I hope that someone finds this useful.tch@iqx.co.uk wrote:
Thanks
Tim
Thanks. That's great, I'm sure people will.
tch@iqx.co.uk wrote:
This gives a client connection that is at least AES-SHA256 and therefore provides a small challenge to decrypt rather than none at all.
Why does SHA1 provide no challenge at all? If you're referring to collisions. My understanding is that IKE / ESP mode is designed to mitigate against collision attacks so SHA1 is acceptable for use, where as the same advice wouldn't apply to a SHA1 signed certificate.
It is recommended to use SHA-256 but it's still acceptable to use SHA-1, there are some client operating systems around that don't support SHA-256
We are aware that some currently fielded devices are unable to perform SHA-256-128 for the ESP integrity algorithm. In accordance with wider recommendations on the use of SHA-1, it is acceptable to continue to use HMAC-SHA-1 as the ESP integrity algorithm at this time.
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek