Configuring VPNC

Kernels & Hardware, configuring network, installing services

Configuring VPNC

Postby Ruby » 2015-09-24 19:09

I have debian 8, Jessie, installed and am using vpnc as my VPN client for Cisco. But I saw this warning in the manual page (
OBLIGATORY WARNING: the most used configuration (XAUTH authentication with pre-shared keys and password authentication) is insecure by design, be aware of this fact when you use vpnc to exchange sensitive data like passwords!

I am not sure what authentication mode vpnc is using ny default, I did not change the default configuration. In the manual page some information is given:

--auth-mode <psk/cert/hybrid>
Authentication mode:
• psk: pre-shared key (default)
• cert: server + client certificate (not implemented yet)
• hybrid: server certificate + xauth (if built with openssl support)
Default: psk

And below, in the examples:

This is an example vpnc.conf with pre-shared keys:
IPSec gateway
IPSec ID ExampleVpnPSK
IKE Authmode psk
IPSec secret PskS3cret!
Xauth username
Xauth password USecr3t

It seems that the default authentication mode is psk, but in the example "Xauth" user and pass are required. So I am confused. Am I connecting in a secure way?

Should I be using OpenVpn instead of vpnc? I tried to use that first but it was too complicated to configure.

Posts: 1
Joined: 2015-09-24 18:45

Return to System configuration

Who is online

Users browsing this forum: No registered users and 4 guests