IPSEC Internet Key Exchange (IKE) Version 2 Detection

info Nessus Plugin ID 62695
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

A VPN server is listening on the remote port.

Description

The remote host seems to be enabled to do Internet Key Exchange (IKE).
This is typically indicative of a VPN server. VPN servers are used to connect remote hosts into internal resources.

Make sure that the use of this VPN endpoint is done in accordance with your corporate security policy.

Note that if the remote host is not configured to allow the Nessus host to perform IKE/IPSEC negotiations, Nessus won't be able to detect the IKE service.

Also note that this plugin does not run over IPv6.

Solution

If this service is not needed, disable it or filter incoming traffic to this port.

Plugin Details

Severity: Info

ID: 62695

File Name: ike2_detect.nasl

Version: 1.10

Type: remote

Published: 10/24/2012

Updated: 9/22/2020

Dependencies: ike_detect.nasl

Asset Inventory: true

Vulnerability Information

Reference Information

IAVT: 0001-T-0900