SoftEther VPN User Forum

SoftEther VPN User Forum
https://forum.softether.org/

L2TP/IPSec Cipher Suites support?

https://forum.softether.org/viewtopic.php?f=7&t=63335

Page 1 of 1

L2TP/IPSec Cipher Suites support?

Posted: Mon Sep 24, 2018 5:49 pm
by sriram
Hi,

I'm running the newest version of SoftEther (Ver 4.28, Build 9669) on Windows 10 Pro.

The SoftEther specification states that AES is supported under L2TP/IPSec however, the server only advertises 3DES support. For example, in the SoftEther VPN Server Manager window, in the Encryption and Network menu, I have the encryption algorithm set to AES256-SHA256. Yet, when the server is queried with ike-scan, it only advertises support for 3DES:

Code: Select all

SA=(Enc=3DES Hash=SHA1 Auth=PSK Group=2:modp1024 LifeType=Seconds LifeDuration=28800)
Can some one tell me what encryption algorithms, key sizes and hash functions are supported by SoftEther's L2TP/IPSec function? Also, is there a way to specify which DH group is to be used?

Thanks!

Edit: AES with SHA-1 does not work either.

Re: L2TP/IPSec Cipher Suites support?

Posted: Wed Sep 26, 2018 8:34 pm
by sriram
Just a bump to see if anyone knows what cipher suites the IPsec implementation in SoftEther supports and how to force a non-3DES encryption. Thanks!

Re: L2TP/IPSec Cipher Suites support?

Posted: Sat Oct 06, 2018 6:32 am
by opienof
You can specify Phase1/Phase2 algorithms on client side, something like this
42413191-beea17dc-820a-11e8-94da-98de099ca3d9.png

Re: L2TP/IPSec Cipher Suites support?

Posted: Sat Oct 06, 2018 3:03 pm
by sriram
I've tried doing that on my Ubuntu box but the VPN will not connect for any cipher suite other than 3DES-SHA1.

Re: L2TP/IPSec Cipher Suites support?

Posted: Sun Oct 14, 2018 1:58 pm
by opienof
I use NetworkManager-l2tp-gnome in cojunction with NetworkManager-libreswan, which is missing in Ubuntu but available on fedora
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/