DH Selection for VPNs
(2019-03-13)
Problem
What are the recommended settings for IPsec VPNs?
Updated 25 April 2023
IKE:
- In general IKEv1 is still acceptable, unless you're dealing with a Cisco ASA, which as of 2020 will only do SHA-1 in IKEv1
DH Group:
- The ideal choice is DH-19 or DH-20
- The minimum for reasonable security is DH-16; going below that is not recommended
- Groups 1, 2, 5, 22, 23, and 24 are considered notably (and perhaps unexpectedly) weak
Algorithms:
- Use AES-256 (or higher) with SHA-384 (or higher)
- Always avoid DES
- Avoid 3DES and/or MD5 if at all possible
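An added example (not part of the original note) that turns the DH and algorithm rules above into a small audit of IKE proposal strings. It assumes strongSwan-style "enc-integ-dh" proposals such as aes256-sha384-ecp384 and the strongSwan keyword spellings for the DH groups; the sample proposals in the docstring are constructed.

```python
from dataclasses import dataclass, field
from typing import List, Optional

# strongSwan DH keyword -> IANA IKE group number (assumed keyword spellings).
DH_GROUPS = {
    "modp768": 1, "modp1024": 2, "modp1536": 5, "modp2048": 14,
    "modp3072": 15, "modp4096": 16, "modp6144": 17, "modp8192": 18,
    "ecp256": 19, "ecp384": 20, "ecp521": 21,
    "modp1024s160": 22, "modp2048s224": 23, "modp2048s256": 24,
}
WEAK_GROUPS = {1, 2, 5, 22, 23, 24}   # the note's "notably weak" list
MIN_GROUP = 16                        # DH-16 is the stated floor
HASH_BITS = {"md5": 128, "sha1": 160, "sha256": 256, "sha384": 384, "sha512": 512}

@dataclass
class Verdict:
    proposal: str
    dh_group: Optional[int]
    findings: List[str] = field(default_factory=list)   # empty list means OK

def audit_proposal(proposal: str) -> Verdict:
    """Check one 'enc-integ-dh' proposal, e.g. 'aes256-sha384-ecp384' (constructed)."""
    parts = proposal.strip().lower().split("-")
    if len(parts) != 3:
        return Verdict(proposal, None, [f"unrecognised proposal format {proposal!r}"])
    enc, integ, dh = parts
    v = Verdict(proposal, DH_GROUPS.get(dh))
    # DH group: the weak list takes priority, then the DH-16 floor.
    if v.dh_group is None:
        v.findings.append(f"unknown DH keyword {dh!r}")
    elif v.dh_group in WEAK_GROUPS:
        v.findings.append(f"DH group {v.dh_group} is on the weak list")
    elif v.dh_group < MIN_GROUP:
        v.findings.append(f"DH group {v.dh_group} is below the DH-16 minimum")
    # Encryption: never DES, avoid 3DES, aim for AES-256.
    if enc == "des":
        v.findings.append("DES must never be used")
    elif enc == "3des":
        v.findings.append("3DES should be avoided")
    elif not enc.startswith("aes256"):
        v.findings.append(f"encryption {enc!r} is below AES-256")
    # Integrity: avoid MD5; SHA-384 is the recommended minimum.
    if integ == "md5":
        v.findings.append("MD5 should be avoided")
    elif integ not in HASH_BITS:
        v.findings.append(f"unknown integrity keyword {integ!r}")
    elif HASH_BITS[integ] < 384:
        v.findings.append(f"integrity {integ!r} is below SHA-384")
    return v
```

Run it over the proposal lists of each tunnel endpoint; a proposal that returns an empty findings list meets every rule in the note, while modp2048s256 (group 24) shows how a 2048-bit group can still land on the weak list.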
References
- 2023-04, pfSense firewall v2.6.0-RELEASE (Community Edition) IPsec config pages
- 2021-08, NSA recommendations 2020: https://media.defense.gov/2020/Jul/02/2002355501/-1/-1/0/CONFIGURING_IPSEC_VIRTUAL_PRIVATE_NETWORKS_2020_07_01_FINAL_RELEASE.PDF
- Some Reddit thread somewhere which I can't find any more; yeah, possibly sketchy AF maybe, but it's backed up by other places on the web
- 2019-03, NCSC (UK) requirements for their tunnels: https://www.ncsc.gov.uk/guidance/using-ipsec-protect-data
- 2018-10, DH group: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk27054