Hello Peplinkers,
Is anyone concern about Peplink VPN security? Why is the pre-shared key ignore after firmware 5.0? Shouldn’t it act as a second layer of protection?
There’s never too much when it comes to security.
Also, what’s the max length for the PepVPN Local ID?
“The VPN connection’s session key will be further protected by the pre-shared key. The connection will be up only if the pre-shared keys on each side match. When the peer is running firmware 5.0+, this setting will be ignored.”
For firmware 7, we have implemented PepVPN Firmware Compatibility Change where Firmware 7 will only form PepVPN connections with devices running Firmware 6.1 or later. Firmware 6.0 or earlier version will be deprecated.
Refer to release note
Guess above statement was retrieved from the user manual and we have verified the user manual, look like we have missed this part, we will amend the user manual accordingly.
so @Chun_Fatt_Sham just to clarify, the Remote ID + Shared Key is enforced if both devices are running on firm 6.1 or later?
Yes, if Shared Key enabled, both devices need to have correct Remote ID + correct Shared Key in-order PepVPN can be established
