Cisco VPN Concentrator 3000

From royhills
Revision as of 10:47, 27 November 2009 by Widloecher (talk | contribs) (added vpnc - client for cisco vpn concentrator)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Platform Notes

The Cisco VPN Concentrator 3000 was originally an Altiga Networks product. Cisco acquired Altiga in 2000. The Altiga products were called C5, C15 Etc. These were re-badged as the Cisco VPN Concentrator 3005, 3015 Etc.

There are six models: 3005, 3015, 3020, 3030, 3060 and 3080. The 3005 performs all encryption in software; the higher models include slots for hardware encryption modules (SEP and SEP-E) and can also accommodate more memory.

The Cisco VPN Concentrator 3000 runs the pSOS+ operating system on a Motorola CPU. It uses an industry-standard Compact Flash card to store the operating system and configuration.

Cisco VPN Concentrators are often used for high volume remote access VPNs. The high-end models can support hundreds of IPsec tunnels.

IPsec with IKE is enabled by default.

An End-of-Life announcement for the Cisco VPN concentrator was posted on Feb 2007, the end of sale date will be Aug 2007.

Version History

Version Release Date Notes
3.5
3.6 AES Encryption and DH group 5 introduced
4.0 SEP-E encryption module support introduced
4.1 WebVPN introduced
4.7 Mar 2005 SSL VPN and Cisco Secure desktop introduced

Software versions 3.5, 3.6 and 4.0 are obsolete now.

Because the Cisco VPN Concentrator 3000 will soon be reaching End-of-Life, it is expected that 4.7 will be the last software release for this platform.

Unless mentioned otherwise, the examples below are from a Cisco VPN Concentrator 3005 running software version 4.7.2.L

Backoff Patterns

Cisco VPN Concentrator 3000 series has the four-packet backoff pattern:

0, 8, 8, 8

Below is an example backoff pattern from a Cisco VPN Concentrator 3030 running software version 4.7.2E:

$ ike-scan -M --showbackoff 192.168.124.253
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.253 Main Mode Handshake returned
        HDR=(CKY-R=92ca87ca7d38b4c7)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)

IKE Backoff Patterns:

IP Address      No.     Recv time               Delta Time
192.168.124.253 1       1171889630.344950       0.000000
192.168.124.253 2       1171889638.336474       7.991524
192.168.124.253 3       1171889646.335458       7.998984
192.168.124.253 4       1171889654.334416       7.998958
192.168.124.253 Implementation guess: Cisco VPN Concentrator

Vendor IDs

The Cisco VPN Concentrator sends the following Vendor IDs in the first Main Mode packet:

  • 4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)

And it sends the following Vendor IDs in the first Aggressive Mode packet:

  • 12f5f28c457168a9702d9fe274cc0100 (Cisco Unity)
  • 09002689dfd6b712 (XAUTH)
  • afcad71368a1f1c96b8696fc77570100 (Dead Peer Detection v1.0)
  • 4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)
  • 4187bd00363672eee05be3a6f95d9528 (Unknown, varies)
  • 1f07f70eaa6514d3b0fa96542a500407 (Cisco VPN Concentrator)

Authentication Methods

The Cisco VPN Concentrator 3000 supports the following authentication methods:

  • Pre-Shared Key
  • RSA Signature
  • Hybrid
  • XAUTH

Here are examples showing IKE responses with these authentication mechanisms:

$ ike-scan -M --auth=1 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=15ff31044a4a1c2b)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)
$ ike-scan -M --auth=3 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=d884567c91171866)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=RSA_Sig LifeType=Seconds LifeDuration=28800)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)
$ ike-scan -M --auth=64221 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=6ee4af1bee63e7cd)
        SA=(Enc=3DES Hash=SHA1 Group=2:modp1024 Auth=Hybrid LifeType=Seconds LifeDuration=28800)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)
$ ike-scan -M --auth=65001 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=0cbf680b099121bf)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=XAUTH LifeType=Seconds LifeDuration=28800)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)

ISAKMP SA Lifetime

Here we specify no lifetime attributes, and the concentrator responds without any lifetime attributes in its response.

$ ike-scan -M --lifetime=none 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=dd52d15517592765)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)

Here we specify the value 1 for both seconds and kilobytes, and observe both returned.

$ ike-scan -M --lifetime=1 --lifesize=1 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=8c95f40f6172d16f)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=1 LifeType=Kilobytes LifeDuration=1)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)

Here is the same thing with the value 0xffffffff. In this case, the concentrator returns the attributes as variable length.

$ ike-scan -M --lifetime=0xffffffff --lifesize=0xffffffff 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=64e8975409759a7f)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration(4)=0xffffffff LifeType=Kilobytes LifeDuration(4)=0xffffffff)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)

If we specify values that use more than four bytes, the concentrator does not respond.

$ ike-scan -M --lifetime=0xffffffffffffffff --lifesize=0xffffffffffffffff 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)

Ending ike-scan 1.9.1: 1 hosts scanned in 2.502 seconds (0.40 hosts/sec).  0 returned handshake; 0 returned notify

Transform Attribute ordering and re-writing

The Cisco VPN Concentrator always returns transform attributes in the order: Enc [,KeyLength], Hash, Group, Auth [,LifeType=Seconds] [,LifeType=Kilobytes].

$ ike-scan -M --trans="(1=5,2=1,3=1,4=2)" 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=e5b11330e001c63f)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)
$ ike-scan -M --trans="(4=2,3=1,2=1,1=5)" 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=70569793dbcb637f)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)
$ ike-scan -M --trans="(1=7,4=2,3=1,2=2,14=128)" 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=4db99a8e898c004e)
        SA=(Enc=AES KeyLength=128 Hash=SHA1 Group=2:modp1024 Auth=PSK)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)
$ ike-scan -M --trans="(14=128,11=1,12=5678,11=2,12=1234,4=2,3=1,2=2,1=7)" 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=d6cca16601d26893)
        SA=(Enc=AES KeyLength=128 Hash=SHA1 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=5678 LifeType=Kilobytes LifeDuration=1234)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)

Aggressive Mode

The Cisco VPN Concentrator 3000 supports aggressive mode.

The vpn group name is given as the ID. Later versions will respond to any ID to prevent groupname enumeration.

Here is an example aggressive mode response.

$ ike-scan -M -A --id=vpngroup 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Aggressive Mode Handshake returned
        HDR=(CKY-R=b4401a1d363772ee)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800)
        KeyExchange(128 bytes)
        Nonce(20 bytes)
        ID(Type=ID_IPV4_ADDR, Value=192.168.124.152)
        Hash(16 bytes)
        VID=12f5f28c457168a9702d9fe274cc0100 (Cisco Unity)
        VID=09002689dfd6b712 (XAUTH)
        VID=afcad71368a1f1c96b8696fc77570100 (Dead Peer Detection v1.0)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)
        VID=4187bd00363672eee05be3a6f95d9528
        VID=1f07f70eaa6514d3b0fa96542a500407 (Cisco VPN Concentrator)

Response to Noncompliant and Malformed Packets

No Acceptable Transforms

The Cisco VPN Concentrator does not respond to unacceptable proposals.

$ ike-scan --trans=1,2,3,4 -M 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)

Ending ike-scan 1.9.1: 1 hosts scanned in 2.439 seconds (0.41 hosts/sec).  0 returned handshake; 0 returned notify

Bad IKE version

The Cisco VPN Concentrator does not appear to check the IKE header version.

$ ike-scan -M --headerver=0x30 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=c77b8fba9f5ccf06)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)
$ ike-scan -M --headerver=0x11 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=371396a0cfc43399)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)

Invalid DOI

No response.

$ ike-scan -M --doi=2 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)

Ending ike-scan 1.9.1: 1 hosts scanned in 2.476 seconds (0.40 hosts/sec).  0 returned handshake; 0 returned notify

Invalid Situation

The Cisco VPN Concentrator does not appear to check this.

$ ike-scan -M --situation=2 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=c7e0373fbcd7b850)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)

Invalid Initiator Cookie

The Cisco VPN Concentrator does not appear to check this, or perhaps it considers a zero initiator cookie to be valid.

$ ike-scan -M --cookie=0000000000000000 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=f53f64d21edabf67)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)

Invalid Flags

No response.

$ ike-scan -M --hdrflags=255 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)

Ending ike-scan 1.9.1: 1 hosts scanned in 2.477 seconds (0.40 hosts/sec).  0 returned handshake; 0 returned notify

Invalid Protocol

No response.

$ ike-scan -M --protocol=2 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)

Ending ike-scan 1.9.1: 1 hosts scanned in 2.477 seconds (0.40 hosts/sec).  0 returned handshake; 0 returned notify

Invalid SPI

The Cisco VPN Concentrator does not appear to check this.

$ ike-scan -M --spisize=32 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=4d577515f3b6bac6)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)

Non-Zero Reserved Fields

The Cisco VPN Concentrator does not appear to check this.

$ ike-scan -M --mbz=255 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=e5da74bd1eeded4b)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)

NAT Traversal

The Cisco VPN Concentrator supports NAT traversal.

$ ike-scan --nat-t -M 192.168.124.152
Starting ike-scan 1.9.1 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
192.168.124.152 Main Mode Handshake returned
        HDR=(CKY-R=cd61180deb15b4dd)
        SA=(Enc=3DES Hash=MD5 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800)
        VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)

IVEv2

The Cisco VPN Concentrator 3000 series does not support IKEv2 as of version 4.7.2.L.

Remote Access VPN Client

Cisco VPN Client

The Cisco VPN Concentrator uses the Cisco VPN client for remote access connections. This client is also used for VPN connections to other Cisco VPN products including IOS (used on Cisco routers) and Cisco PIX. This VPN client is sometimes known as the Cisco Unity Client.

The Cisco VPN client supports Windows, MacOS, Linux and Solaris. The screenshot on the right shows version 4.8.01 of the Windows client running on Windows XP.

The VPN client can be configured for either Group authentication, which is a username/password authentication scheme using IKE Pre-Shared Key authentication (possibly with a later XAUTH authentication step to provide secondary user-level authentication), or Certificate Authentication.

Cisco VPN Client version 4.8.01 offers the following fourteen transforms in order using group authentication:

No. Encryption Hash Authentication DH Group Lifetime (Seconds)
1 AES/256 SHA1 XAUTH 2 (MODP 1024) 2,147,483
2 AES/256 MD5 XAUTH 2 (MODP 1024) 2,147,483
3 AES/256 SHA1 PSK 2 (MODP 1024) 2,147,483
4 AES/256 MD5 PSK 2 (MODP 1024) 2,147,483
5 AES/128 SHA1 XAUTH 2 (MODP 1024) 2,147,483
6 AES/128 MD5 XAUTH 2 (MODP 1024) 2,147,483
7 AES/128 SHA1 PSK 2 (MODP 1024) 2,147,483
8 AES/128 MD5 PSK 2 (MODP 1024) 2,147,483
9 3DES SHA1 XAUTH 2 (MODP 1024) 2,147,483
10 3DES MD5 XAUTH 2 (MODP 1024) 2,147,483
11 3DES SHA1 PSK 2 (MODP 1024) 2,147,483
12 3DES MD5 PSK 2 (MODP 1024) 2,147,483
13 DES MD5 XAUTH 2 (MODP 1024) 2,147,483
14 DES MD5 PSK 2 (MODP 1024) 2,147,483

For the authentication methods, PSK is Pre-Shared Key (value 1), and XAUTH is XAUTH Init PreShared (value 65001).

This corresponds to the following proposal: ((AES/256 or AES/128 or 3DES) and (SHA1 or MD5) and (XAUTH or PSK) and Group2) or (DES and MD5 and (XAUTH or PSK) and Group2).

The lifetime of 2,147,483 seconds is a mystery. This corresponds to a SA lifetime of about 24 days, which is an absurdly large value.

It also sends five Vendor ID payloads:

  1. XAUTH (09002689dfd6b712)
  2. Dead Peer Detection v1.0 (afcad71368a1f1c96b8696fc77570100)
  3. IKE Fragmentation (4048b7d56ebce88525e7de7f00d6c2d380000000)
  4. draft-ietf-ipsec-nat-t-ike-02\n (90cb80913ebb696e086381b5ec427b1f)
  5. Cisco Unity (12f5f28c457168a9702d9fe274cc0100)

The DHGroup keyword can be used in the .pcf profile file (tested with Cisco VPN Client version 5.0.04.0300) to override the default DH Group 2. When adding the line DHGroup=5 in the .pcf file, Cisco VPN Client version 5.0.04.030 offers the following four transforms in order using group authentication:

No. Encryption Hash Authentication DH Group Lifetime (Seconds)
1 AES/128 SHA1 XAUTH 5 (MODP 1536) 2,147,483
2 AES/128 MD5 XAUTH 5 (MODP 1536) 2,147,483
3 AES/128 SHA1 PSK 5 (MODP 1536) 2,147,483
4 AES/128 MD5 PSK 5 (MODP 1536) 2,147,483

No IKE Proposals will match by default on a VPN Concentrator 3000 version 4.7.2.O, a new IKE Proposal must be manually added, something like CiscoVPNClient-AES128-SHA-DH5, and activated. To be completely coherent, a new SA must be created, something like ESP-AES128-SHA-DH5, and selected in the Group (IPSec tab, IPSec SA field).

vpnc - client for cisco vpn concentrator

vpnc is a vpn client compatible with the Cisco VPN Concentrator 3000, it is distributed under GPL licence. The home page of vpnc is http://www.unix-ag.uni-kl.de/~massar/vpnc/

vpnc is supposed to work with Cisco VPN concentrator 3000 Series, Cisco IOS routers, Cisco PIX / ASA Security Appliances and Juniper/Netscreen. The supported platforms are Linux (i386/ppc/zaurus tested), NetBSD (i386 tested), FreeBSD (CURRENT of 23.11.2003 tested), OpenBSD (CURRENT of 18.04.2004 tested), DragonFly BSD, Darwin / Mac OS X, Solaris (7 works, 9 only with --natt-mode forced) and Windows / Cygwin.

vpnc version 0.5.3 (compiled on Ubuntu 9.04 Jaunty) offers the following 24 transforms in order using group authentication:

No. Encryption Hash Authentication DH Group Lifetime (Seconds)
1 AES/256 SHA1 XAUTH 2 (MODP 1024) 2,147,483
2 AES/256 MD5 XAUTH 2 (MODP 1024) 2,147,483
3 AES/192 SHA1 XAUTH 2 (MODP 1024) 2,147,483
4 AES/192 MD5 XAUTH 2 (MODP 1024) 2,147,483
5 AES/128 SHA1 XAUTH 2 (MODP 1024) 2,147,483
6 AES/128 MD5 XAUTH 2 (MODP 1024) 2,147,483
7 3DES SHA1 XAUTH 2 (MODP 1024) 2,147,483
8 3DES MD5 XAUTH 2 (MODP 1024) 2,147,483
9 DES SHA1 XAUTH 2 (MODP 1024) 2,147,483
10 DES MD5 XAUTH 2 (MODP 1024) 2,147,483
11 RESERVED(0) SHA1 XAUTH 2 (MODP 1024) 2,147,483
12 RESERVED(0) MD5 XAUTH 2 (MODP 1024) 2,147,483
13 AES/256 SHA1 PSK 2 (MODP 1024) 2,147,483
14 AES/256 MD5 PSK 2 (MODP 1024) 2,147,483
15 AES/192 SHA1 PSK 2 (MODP 1024) 2,147,483
16 AES/192 MD5 PSK 2 (MODP 1024) 2,147,483
17 AES/128 SHA1 PSK 2 (MODP 1024) 2,147,483
18 AES/128 MD5 PSK 2 (MODP 1024) 2,147,483
19 3DES SHA1 PSK 2 (MODP 1024) 2,147,483
20 3DES MD5 PSK 2 (MODP 1024) 2,147,483
21 DES SHA1 PSK 2 (MODP 1024) 2,147,483
22 DES MD5 PSK 2 (MODP 1024) 2,147,483
23 RESERVED(0) SHA1 PSK 2 (MODP 1024) 2,147,483
24 RESERVED(0) MD5 PSK 2 (MODP 1024) 2,147,483

For the authentication methods, PSK is Pre-Shared Key (value 1), and XAUTH is XAUTH Init PreShared (value 65001).

When using "--dh dh5", the DH Group is set to 5 (MODP 1536).

The lifetime of 2,147,483 seconds is the same as the Cisco VPN Client. This corresponds to a SA lifetime of about 24 days, which is an absurdly large value.

vpnc also sends 8 Vendor ID payloads:

  1. XAUTH (09002689dfd6b712)
  2. Cisco Unity (12f5f28c457168a9702d9fe274cc0100)
  3. RFC 3947 Negotiation of NAT-Traversal in the IKE (4a131c81070358455c5728f20e95452f)
  4. draft-ietf-ipsec-nat-t-ike-02\n (90cb80913ebb696e086381b5ec427b1f)
  5. draft-ietf-ipsec-nat-t-ike-02 (cd60464335df21f87cfdb2fc68b6a448)
  6. draft-ietf-ipsec-nat-t-ike-01 (16f6ca16e4a4066d83821a0f0aeaa862)
  7. draft-ietf-ipsec-nat-t-ike-00 (4485152d18b6bbcd0be8a8469579ddcc)
  8. Dead Peer Detection v1.0 (afcad71368a1f1c96b8696fc77570100)


Other Interesting Behaviour

IKE over TCP

The Cisco VPN Concentrator 3000 series supports IKE over TCP, although this is not enabled by default. The TCP port is 10000 by default, but this can be changed.

The protocol used is Cisco proprietary, and consists of the entire UDP datagram (including headers) plus some additional data encapsulated within a TCP segment.

Cisco VPN concentrators are the only systems that have been observed to use this encapsulated IKE over TCP, so if you see it then it's almost certainly a VPN concentrator. Checkpoint Firewall-1 also supports IKE over TCP, but it uses a different encapsulation format.

Default Configuration

Cisco VPN Concentrator 3000 Default IKE Proposals

The default IKE Phase-1 proposals for Version 4.7.2.B as displayed in the command line interface are shown below. The screenshot on the right shows the same list in the web-based GUI.

                           The Active IKE Proposals
-------------------------------------------------------------------------------
| 1. CiscoVPNClient-3DES-MD5           | 2. IKE-3DES-MD5                      |
| 3. IKE-3DES-MD5-DH1                  | 4. IKE-DES-MD5                       |
| 5. IKE-3DES-MD5-DH7                  | 6. IKE-3DES-MD5-RSA                  |
| 7. CiscoVPNClient-3DES-MD5-DH5       | 8. CiscoVPNClient-AES128-SHA         |
| 9. IKE-AES128-SHA                    | 10. CRACK-3DES-SHA-DH2               |
| 11. CRACK-AES128-SHA-DH2             | 12. HYBRID_AES256_SHA_RSA_DH5        |
| 13. HYBRID_AES256_SHA_RSA_DH2        | 14. HYBRID_AES192_SHA_RSA_DH2        |
| 15. HYBRID_3DES_SHA_RSA_DH5          | 16. HYBRID_3DES_SHA_RSA_DH2          |
-------------------------------------------------------------------------------

The table below shows the Cisco-Supplied Default IKE Proposals that are Active by Default.

Proposal Name Authentication Mode Authentication Algorithm Encryption Algorithm Diffie-Hellman Group
CiscoVPNClient-3DES-MD5 Preshared Keys (XAUTH) MD5/HMAC-128 3DES-168 2 (1024-bits)
IKE-3DES-MD5 Preshared Keys MD5/HMAC-128 3DES-168 2
IKE-3DES-MD5-DH1 Preshared Keys MD5/HMAC-128 3DES-168 1 (768-bits)
IKE-DES-MD5 Preshared Keys MD5/HMAC-128 DES-56 1
IKE-3DES-MD5-DH7 Preshared Keys MD5/HMAC-128 3DES-168 7 (ECC)
IKE-3DES-MD5-RSA RSA Digital Certificate MD5/HMAC-128 3DES-168 2 (1024-bits)
IKE-AES128-SHA Preshared Keys SHA/HMAC-160 AES-128 2
CiscoVPNClient-AES128- SHA Preshared Keys SHA/HMAC-160 AES-128 2
CiscoVPNClient-3DES-MD5-DH5 3DES-168 MD5/HMAC-128 3DES-168 5 (1536-bits)
HYBRID_AES256_SHA_RSA_DH5 RSA Cert (HYBRID) SHA/HMAC-160 AES-256 5
HYBRID_AES256_SHA_RSA_DH2 RSA Cert (HYBRID) SHA/HMAC-160 AES-256 2
HYBRID_AES192_SHA_RSA_DH2 RSA Cert (HYBRID) SHA/HMAC-160 AES-192 2
HYBRID_3DES_SHA_RSA_DH5 RSA Cert (HYBRID) SHA/HMAC-160 3DES-168 5
HYBRID_3DES_SHA_RSA_DH2 RSA Cert (HYBRID) SHA/HMAC-160 3DES-168 2
HYBRID_AES128_SHA_RSA_DH2 RSA Cert (HYBRID) SHA/HMAC-160 AES-128 2

Discovered Vulnerabilities