
How do you confirm PFS is in use for an L2TP over IPsec connection?

I believe I have successfully configured a VPN profile on Windows 10 to use Perfect Forward Secrecy with my UTM. The setting is configured on both sides and the connection allows traffic. Is there any way for me to confirm that PFS is in fact being used? Maybe a certain type of logging needs to be enabled and/or I just need to look for a specific event in the logs.



  • Hi and welcome to the UTM Community!

    If PFS is enabled in the 'L2TP-over-IPsec' IPsec policy, PFS is being used.

    I think that if you see no log messages where "we require PFS" appears, that's your confirmation.

    On the side that initiates the connection, the IPsec log will have lines that include something like initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
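As an added illustration of the log check Bob describes (this is not code from the thread or from Sophos), the snippet below scans Pluto-style IPsec log lines, extracts the policy flag set from each "initiating Quick Mode ..." line, and records any "we require PFS" messages per connection. The log lines, connection names and addresses are constructed samples modelled on the fragments quoted above.

```python
import re

# Constructed sample log (not from the original thread): one tunnel negotiated
# with PFS, one without PFS that also triggers the "we require PFS" message.
SAMPLE_LOG = """\
2019:03:04-10:15:01 utm pluto[4321]: "L_for 203.0.113.7"[3] 203.0.113.7 #5: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#4}
2019:03:04-10:15:02 utm pluto[4321]: "L_for 203.0.113.7"[3] 203.0.113.7 #5: sent QI2, IPsec SA established {ESP=>0x0a1b2c3d <0x4e5f6071}
2019:03:04-10:20:11 utm pluto[4321]: "L_for 198.51.100.9"[4] 198.51.100.9 #7: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP {using isakmp#6}
2019:03:04-10:20:12 utm pluto[4321]: "L_for 198.51.100.9"[4] 198.51.100.9 #7: we require PFS but the peer's Quick Mode proposal has no group
"""

CONN_RE = re.compile(r'"([^"]+)"')                      # connection name in quotes
QUICK_MODE_RE = re.compile(r"initiating Quick Mode ([A-Za-z0-9_+]+)")
MSG_RE = re.compile(r"#\d+: (.*)$")                     # text after the state number


def parse_quick_mode_policy(line):
    """Return the set of policy flags (e.g. {'PSK', 'PFS', ...}) or None."""
    m = QUICK_MODE_RE.search(line)
    return set(m.group(1).split("+")) if m else None


def check_pfs(log_text):
    """Map connection name -> {'policy', 'pfs', 'warnings'} from log text.

    'pfs' is True when the Quick Mode policy carried the PFS flag, False
    when a Quick Mode line was seen without it, None when none was seen.
    """
    results = {}
    for line in log_text.splitlines():
        cm = CONN_RE.search(line)
        conn = cm.group(1) if cm else "<unknown>"
        entry = results.setdefault(conn, {"policy": None, "pfs": None, "warnings": []})
        flags = parse_quick_mode_policy(line)
        if flags is not None:
            entry["policy"] = sorted(flags)
            entry["pfs"] = "PFS" in flags
        if "we require PFS" in line:  # the message Bob says should be absent
            mm = MSG_RE.search(line)
            entry["warnings"].append(mm.group(1) if mm else line)
    return results


if __name__ == "__main__":
    for conn, info in check_pfs(SAMPLE_LOG).items():
        state = {True: "PFS in use", False: "NO PFS", None: "no Quick Mode seen"}[info["pfs"]]
        print(f"{conn}: {state}; policy={info['policy']}; warnings={len(info['warnings'])}")
```

On a UTM the same check can be run against the IPsec log file instead of the embedded sample; a connection whose Quick Mode policy lacks PFS, or that logs "we require PFS", is the one to revisit in the policy settings.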