• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

L2TP/IPsec Encryption Strength

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> L2TP/IPsec Encryption Strength Page: [1]
Login
Message << Older Topic   Newer Topic >>
L2TP/IPsec Encryption Strength - 15.Jun.2006 10:15:38 PM   
johnspie

 

Posts: 11
Joined: 2.Feb.2006
Status: offline
Hello,
 
I have successfully set up a L2TP/IPsec VPN using ISA 2004.
 
It doesn't appear that the encryption strength can be set anywhere in the ISA interface, as I would like to remove the 40bit and 56bit DES Encryption option.
 
So my question is:
 
Will manually editing the encryption portion of the ISA Default Policy mess things up with ISA or is this only way to achieve this?
 
Thanks in Advance.
 
You guys are invaluable!
John
Post #: 1
RE: L2TP/IPsec Encryption Strength - 15.Jun.2006 10:27:38 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi John,

the ISA Default Policy is owned by ISA server itself. Any manual change made to it will be overwritten with the next service/server restart. Your best option is to use IAS (a Radius server) to customize the VPN policies.

HTH,
Stefaan

(in reply to johnspie)
Post #: 2
RE: L2TP/IPsec Encryption Strength - 16.Jun.2006 3:05:17 AM   
ClintD

 

Posts: 1848
Joined: 26.Jan.2001
From: Keller, TX
Status: offline
Just to be clear - even though you stipulate 3DES in the Remote Access Policy (High Encryption), a client will still be able to connect - initially - if the client stipulates DES in it's connectoid. The check for encryption strength is made after the IPSec connection is established by the Routing and Remote Access component (not the IPSec component). After the RRAS policy policy check kicks in, the client will be disconnected if it only allow DES.

(in reply to spouseele)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> VPN >> L2TP/IPsec Encryption Strength Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts