IPsec IKEv1 Security Question

I have a medical office client with two offices and she has been using the PepVPN for a few years successfully. She has recently bought another practice that is using a cloud medical records service with a sonicwall. I installed a new Balance 20X at this site and when we connected the IPsec VPN they are telling me that it isn’t a secure connection and is at risk of being hacked. Is this true and what information can I give my client to let her know the Peplink solution can provide a secure multi site solution using the PepVPN and using IPsec for the connection to the medical records service provider?
Thank you for you assistance.

Hi Ian,

IPsec VPN was designed to provide secure encrypted communication between two sites (or computers). All versions add encryption and security.
There are degradation in the security, depending how it is implemented and what encryption is used.
It is a bit like locks; some are easier to pick than others, but they all add some security.

IPsec with IKEv2 is more secure than IKEv1 because it uses encryption keys for both sides. And IKEv1 aggressive mode is less secure than using main mode. Using a certificate is more secure than using a pre-shared key.

However even in IKEv1 main mode you still need to crack the pre-shared key using a brute force attack.

Use SpeedFusion if you can, maybe you can install a Fusionhub Solo at the medical records service provider?

1 Like

Thank you Erik.
So if I can convince the Medical Records service provider to install SpeedFusion on their end we can use speedfusion at the new site to securely connect to the Medical Records service provider? I need to learn more about SpeedFusion vs PepVPN. Thank you for your quick reply.

I have IKEv2 on my Balance One running 8.0.2. What firmware do you have on the Balance 20x?

1 Like

The Medical Records vendor chose to use IKEv1 with Preshared Key. Preshared Key could be longer and more complex to make safer to brute force like Erik mentioned.

1 Like

Hi Martin,
Is the Pepvpn between two peplink’s more secure than an IPsec connection? I have tried to find information on peplink.com and I found that pepvpn uses ipsec as the underlying connection between the two devices but I am looking for something to show the owner of the medical practices. Thank you.

Well that is a bag of frogs you’ve just opened there Ian… There are loads of security pro users on this forum and they will I’m sure comment but here are my thoughts:

  • PepVPN (which is the underlying VPN used by Speedfusion) is proprietary to Peplink devices and therefore obscure which makes it harder for an attacker to target.
  • Peplink routers are used everywhere (military. government, banks, hospitals) and can be PCI compliant.
  • Customer deployed Peplink routers and infrastructures in the field are regularly penetration tested globally, and Peplink continuously hardens their products in response to these tests.
  • Routersecurity.org an independent site that focuses on how to secure routers from attack recommends Peplink.
  • Peplink routers can achieve FIPS 140-2 compliance
  • Peplink routers are used by Law enforcement agencies & emergency services agencies globally.

However, like any make of router you can also configure a Peplink badly and make it insecure. Careful network design and configuration is always important.

1 Like

Thank you for this information Martin

1 Like