Hot!Very very low Ciphers/Encryption on Forticlient 6.4.x for Android (IPSEC)

Author
ipranger
Gold Member
  • Total Posts : 152
  • Scores: 2
  • Reward points: 0
  • Joined: 2012/11/13 11:49:10
  • Location: Austria/Steiermark
  • Status: offline
2021/05/17 12:22:09 (permalink)
0

Very very low Ciphers/Encryption on Forticlient 6.4.x for Android (IPSEC)

Hello all, 
 
i'am using here FortiOS7 with lates Forticlient for Android 6.4.6.0507.  IPSEC works, but the highest encryption level ist AES128 and  SHA-1. https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
https://en.wikipedia.org/wiki/SHA-1
 
Can anyone tell me the reason for building a VPN client with almost the lowest encryption? That used to be safe many many years ago.
 
Very Thanks and best Regards
Fireon
 

Fortigate 60E v7.x (GA)
#1

3 Replies Related Threads

    emnoc
    Expert Member
    • Total Posts : 6137
    • Scores: 422
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: Very very low Ciphers/Encryption on Forticlient 6.4.x for Android (IPSEC) 2021/05/17 13:23:50 (permalink)
    0
    Okay sha1 is not hackable. If you are using  pfs in your ipsec configuration your safe from any attacks. if in doubt run short IKE/IPSEC key-life but I would not personally be worried over sha1.   
     
    Now yes FC6.4 still supports md5/sha1 "only" , why that is a business question to FTNT. Strongsan and greenbow are great alternative for ipsec-clients.
     
    I think one of the reason mobile-devices are not using top-notch encryption is due to the size of the processors in the phone and the vendor don't not want to overburden these devices. Just my wild guess.
     
    Ken Felix

    PCNSE 
    NSE 
    StrongSwan  
    #2
    ipranger
    Gold Member
    • Total Posts : 152
    • Scores: 2
    • Reward points: 0
    • Joined: 2012/11/13 11:49:10
    • Location: Austria/Steiermark
    • Status: offline
    Re: Very very low Ciphers/Encryption on Forticlient 6.4.x for Android (IPSEC) 2021/05/18 10:07:54 (permalink)
    0
    Thank you for this information and your Recommendation in the other thread. This can be an solution. 

    Fortigate 60E v7.x (GA)
    #3
    emnoc
    Expert Member
    • Total Posts : 6137
    • Scores: 422
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: Very very low Ciphers/Encryption on Forticlient 6.4.x for Android (IPSEC) 2021/05/18 11:40:02 (permalink)
    0
    NP ,  I also throw in NCP in that other thread. It's very reliable. Actually all of them are very good. I will update some details on the blog and specifically with greenbow here in soon.
     
    Ken Felix

    PCNSE 
    NSE 
    StrongSwan  
    #4
    Jump to:
    © 2021 APG vNext Commercial Version 5.5