L2TP/IPSEC question

Posted: Thu May 29, 2014 6:07 pm
by seeker010
Just got started in VPN, and messing around with L2TP since it's widely supported. In PSK mode, all parties authenticate via a shared secret key. What would prevent a man in the middle attack by spoofing the VPN gateway if the spoofer also has an account on the gateway? And how much damage could be done if the PSK was leaked?

Re: L2TP/IPSEC question

Posted: Thu May 29, 2014 6:18 pm
by Hz so good
seeker010 wrote:
Just got started in VPN, and messing around with L2TP since it's widely supported. In PSK mode, all parties authenticate via a shared secret key. What would prevent a man in the middle attack by spoofing the VPN gateway if the spoofer also has an account on the gateway? And how much damage could be done if the PSK was leaked?
If your PSK is leaked, you need to change it STAT.

As far as man in the middle attacks, are you talking about someone spoofing the gateway VIA the gateway, or like a switch in between you and the gateway?

Re: L2TP/IPSEC question

Posted: Thu May 29, 2014 7:43 pm
by seeker010
I'm talking about this man in the middle attack

me l2tp/ipsec encrypt -> decrypt spoofer re-encrypt -> decrypt vpn gateway

Re: L2TP/IPSEC question

Posted: Thu May 29, 2014 7:56 pm
by Hz so good
seeker010 wrote:
I'm talking about this man in the middle attack

me l2tp/ipsec encrypt -> decrypt spoofer re-encrypt -> decrypt vpn gateway
Oh, ok. Like somebody poisoned the ARP cache, or they overloaded the CAM and the switch started acting like a hub, letting the bad guy packet capture to his heart's content?

In theory, as long as the PSK was never transmitted in cleartext, it would be resistant to that type of attack. In theory.

Re: L2TP/IPSEC question

Posted: Thu May 29, 2014 7:59 pm
by Hz so good
seeker010 wrote:
I'm talking about this man in the middle attack

me l2tp/ipsec encrypt -> decrypt spoofer re-encrypt -> decrypt vpn gateway
Speaking of gateways, which model are we talking about here? Different appliances can have different options. Juniper, Cisco, RouterOS?

Re: L2TP/IPSEC question

Posted: Thu May 29, 2014 8:14 pm
by Hz so good
Geez, sorry about the triple post, but how do you authenticate to the VPN gateway? Certificate? Login via a RADIUS or TACACS+ server?

Re: L2TP/IPSEC question

Posted: Thu May 29, 2014 8:33 pm
by seeker010
I'm doing this real high end. I'm trying out different VPN options on my Windows 2012 box, but using SSTP for my RT tablet, so authenticating via Windows login and MS-CHAP v2 I assume. Was trying to connect an iPad so had to set up L2TP PSK. Reminded me of some VPN providers that provide L2TP/IPSEC with a known shared PSK, so wanted to ask.

So if the PSK is known, someone who can authenticate on the VPN gateway could theoretically hijack the packets and decrypt/re-encrypt.

Re: L2TP/IPSEC question

Posted: Thu May 29, 2014 8:40 pm
by Ryu Connor
MS-CHAP is not secure and should not be used without EAP-TLS or PEAP.

https://www.cloudcracker.com/blog/2012/ ... s-chap-v2/

Edit: And yes, PSK as a method in IPsec is no different a concept than PSK in WPA. If you know the PSK then you have the keys to begin the process to engage in an eavesdropping attack. Intercepting the PSK would also allow for a brute force attack to reveal the PSK (just like WPA).

http://graland-security.blogspot.com/20 ... e-can.html

Re: L2TP/IPSEC question

Posted: Thu May 29, 2014 8:46 pm
by Hz so good
seeker010 wrote:
I'm doing this real high end. I'm trying out different VPN options on my Windows 2012 box, but using SSTP for my RT tablet, so authenticating via Windows login and MS-CHAP v2 I assume. Was trying to connect an iPad so had to set up L2TP PSK. Reminded me of some VPN providers that provide L2TP/IPSEC with a known shared PSK, so wanted to ask.

So if the PSK is known, someone who can authenticate on the VPN gateway could theoretically hijack the packets and decrypt/re-encrypt.

L2TP/IPSEC VPNs tend to be resistant to MITM attacks, since data-origination and data integrity are part of the spec. With that said, you really SHOULDN'T use PSK. It's just a risk. The question is whether it's an acceptable risk to you. Sometimes ease of use can trump security measures.

Re: L2TP/IPSEC question

Posted: Thu May 29, 2014 9:04 pm
by bthylafh
I set up an OpenVPN on my router[0] last week so I could have a secure connection over public wireless for a trip. Worked really well once I understood how to set the clients and servers up properly & got the filesets copied to each client. It's higher-level than IPSec, being TLS-based, but it's reasonably easy to authenticate with just a set of certificates & keys or with those and a password, no PSK needed[1], and there are free-as-in-beer clients for many platforms.

It was a pain to set up, though, or rather to find a guide that made sense... also needed to download the easy-rsa package and OpenSSL separately (for cert/key generation) since OpenVPN no longer includes them.

[0] It runs Shibby's mod of Tomato Firmware.

[1] unless you want to set up extra HMAC authorization, which basically signs each packet with a PSK on top of the TLS authentication. You probably want to; enabling that blocks Heartbleed, for instance, because any client without that PSK is immediately ignored.
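The per-packet HMAC gate described in footnote [1], and the data-origin/integrity point Hz so good makes about L2TP/IPSEC above, both boil down to the same mechanism: every datagram carries a keyed MAC, and anything that fails verification is dropped before any further parsing happens. The following is an added example, not code from this thread or from OpenVPN; it models that gate with HMAC-SHA256 plus a simple packet-id replay check. The key, packet layout and sample packets are constructed for the demo.

```python
import hmac
import hashlib
import struct

TAG_LEN = 32  # HMAC-SHA256 output length in bytes

def sign_packet(key: bytes, packet_id: int, payload: bytes) -> bytes:
    """Prepend an HMAC-SHA256 tag over (packet_id || payload).

    Only a peer holding `key` can produce a tag the gate will accept.
    Layout (constructed for this example): tag(32) || packet_id(4, BE) || payload.
    """
    body = struct.pack(">I", packet_id) + payload
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return tag + body


class PacketGate:
    """Drops any datagram whose tag does not verify under the shared key,
    and any datagram whose packet id was already accepted (a replay).
    Nothing past the tag is interpreted until the tag verifies."""

    def __init__(self, key: bytes):
        self.key = key
        self.seen_ids = set()
        self.dropped = {"bad_tag": 0, "replay": 0, "short": 0}

    def accept(self, packet: bytes):
        """Return the payload if the packet is authentic and fresh, else None."""
        if len(packet) < TAG_LEN + 4:
            self.dropped["short"] += 1
            return None
        tag, body = packet[:TAG_LEN], packet[TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time compare so the gate does not leak how many tag bytes matched.
        if not hmac.compare_digest(tag, expected):
            self.dropped["bad_tag"] += 1
            return None
        packet_id = struct.unpack(">I", body[:4])[0]
        if packet_id in self.seen_ids:
            self.dropped["replay"] += 1
            return None
        self.seen_ids.add(packet_id)
        return body[4:]


def run_demo():
    """Feed the gate four constructed packets and report what survived."""
    key = b"constructed-demo-psk-not-a-real-key"
    gate = PacketGate(key)

    good = sign_packet(key, 1, b"client hello")               # keyed peer
    probe = b"\x00" * TAG_LEN + struct.pack(">I", 2) + b"unkeyed probe"  # no key
    tampered = bytearray(good)                                # in-path modification
    tampered[-1] ^= 0x01
    tampered = bytes(tampered)

    results = [gate.accept(p) for p in (good, probe, tampered, good)]
    return results, dict(gate.dropped)


if __name__ == "__main__":
    accepted, dropped = run_demo()
    print("accepted payloads:", accepted)
    print("dropped by reason:", dropped)
```

Only the first packet gets through: the unkeyed probe and the tampered copy fail the tag check, and the repeated `good` packet is rejected as a replay even though its tag is valid. That is why a leaked key matters so much in this design: the gate's entire decision rests on possession of the shared secret, which is the same trade-off the thread discusses for an IPsec PSK.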

Re: L2TP/IPSEC question

Posted: Thu May 29, 2014 9:38 pm
by Hz so good
bthylafh wrote:
I set up an OpenVPN on my router[0] last week so I could have a secure connection over public wireless for a trip. Worked really well once I understood how to set the clients and servers up properly & got the filesets copied to each client. It's higher-level than IPSec, being TLS-based, but it's reasonably easy to authenticate with just a set of certificates & keys or with those and a password, no PSK needed[1], and there are free-as-in-beer clients for many platforms.

It was a pain to set up, though, or rather to find a guide that made sense... also needed to download the easy-rsa package and OpenSSL separately (for cert/key generation) since OpenVPN no longer includes them.

[0] It runs Shibby's mod of Tomato Firmware.

[1] unless you want to set up extra HMAC authorization, which basically signs each packet with a PSK on top of the TLS authentication. You probably want to; enabling that blocks Heartbleed, for instance, because any client without that PSK is immediately ignored.
Features like that are awesome. I love port authorization, ip source guard, et al. "You ain't on the list, pal. *CLICK*"