vpncfg { connections { enabled = yes; conn_type = conntype_lan; name = "Sophos UTM"; always_renew = yes; keepalive_ip = 192.168.1.1; reject_not_encrypted = no; dont_filter_netbios = yes; localip = 0.0.0.0; local_virtualip = 0.0.0.0; remoteip = 0.0.0.0; remote_virtualip = 0.0.0.0; remotehostname = "sophosdns.name.here"; localid { fqdn = "fritzbox.dns.name.here"; } remoteid { fqdn = "sophosdns.name.here"; } mode = phase1_mode_idp; phase1ss = "all/all/all"; keytype = connkeytype_pre_shared; key = "secretpassphrasekeysecret"; cert_do_server_auth = no; use_nat_t = no; use_xauth = no; use_cfgmode = no; phase2localid { ipnet { ipaddr = 192.168.178.0; mask = 255.255.255.0; } } phase2remoteid { ipnet { ipaddr = 192.168.1.0; mask = 255.255.255.0; } } phase2ss = "esp-aes256-3des-sha/ah-no/comp-lzs-no/pfs"; accesslist = "permit ip any 192.168.1.0 255.255.255.0"; } ike_forward_rules = "udp 0.0.0.0:500 0.0.0.0:500", "udp 0.0.0.0:4500 0.0.0.0:4500";}// EOF
Increase minimum key strengths. ... Browsers and clients should raise the minimum accepted size for Diffie-Hellman groups to at least 1024 bits in order to avoid downgrade attacks when communicating with servers that still use smaller groups. Primes of less than 1024 bits should not be considered secure, even against an attacker with moderate resources. Our analysis suggests that 1024-bit discrete log may be within reach for state-level actors. As such, 1024-bit DHE (and 1024-bit RSA) must be phased out in the near term. NIST has recommended such a transition since 2010 [4]. We recommend that clients raise the minimum DHE group size to 2048 bits as soon as server configurations allow... Precomputation for a 2048-bit non-trapdoored group is around 109 times harder than for a 1024-bit group, so 2048-bit Diffie-Hellman will remain secure barring a major algorithmic improvement