IKE Agressive mode

Overview

Having aggressive mode enabled on a VPN allows for an attacker to capture and crack that PSK thus gaining access into the internal network.

The Likelihood of this happening are close to zero but the Impact is very high. It's just best practice to have aggressive mode on IKE be disabled

Example

Remediation would be to simply turn it off

PreviousOpen Mail Relays NextUnexpected Perimeter Services

Last updated 11 months ago

Was this helpful?