Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » L2TP VPN
  •  
RMCholewa

Messages: 9
Karma: 0
Send a private message to this user
Hi there,

I currently use multiple VPN service subscriptions with Kerio. Most VPN providers offer various VPN protocols, like PPTP, L2TP and OpenVPN.

Kerio is lacking regarding VPN config options. In fact, in Advanced, you may choose the auth method and, under security, Use MPPE, Require 128-bit encryption and allow stateful encryption.

I think that these Security options are only applicable when using PPTP. Funny is that even if you choose a L2TP tunnel, the security options are there too.

I want to use L2TP (more secure) but I can´t see anywhere any evidence that the tunnel is in fact encrypted and the parameters negotiated. The debug log says nothing about encryption, cypher etc.

How can I be sure that my l2tp traffic is encrypted? Are there any settings that I may use to force encryption options?

Thank you!
  •  
RMCholewa

Messages: 9
Karma: 0
Send a private message to this user
Hi again,

Sorry to bump it, but I find it rather amusing that l2tp is a potentially more secure form of VPN, but there is not a single way of verifying that my connection is encrypted.

I am hardly a security expert, but afaik, you might use l2tp without encryption and, in fact, l2tp does not "provide" encryption. That´s why you associate l2tp with ipsec.

So, basically, there is no way of verifying that those l2tp connections I set up are encrypted, not by looking at the config options or looking at the logs, at least.

Any ideas?? Using PPTP and forcing 128-bit encryption at least means I am sure traffic is encrypted...
Previous Topic: Kerio Control Slow with limit 100%
Next Topic: pFsense + Kerio
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Mar 27 10:29:07 CEST 2017

Total time taken to generate the page: 0.00315 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.