IKE and IPSEC - which algorithms in use - MacOS


I am connecting a MacOS Mojave to two different VPNs. One is over IKEv2, and the other over L2TP/IPSEC. After connecting the VPN, a new interface is created named ppp0. I can see come basic information about this VPN connection with command

ifconfig -v ppp0

The output is below:

ifconfig -v ppp0
ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280 index 21
    inet --> netmask 0xffff0000
    agent domain:NetworkExtension type:VPN flags:0x3 desc:"VPN: FW04-HA1"
    state availability: 0 (true)
    scheduler: FQ_CODEL
    link rate: 1.00 Gbps
    effective interface: en7
    qosmarking enabled: no mode: none
    low power mode: disabled

However, I am interested in knowing which algorithm was negotiated between my client and the VPN server when the connection was set up. Which encryption is in use?

The server supports several different encryption standards, including 3DES, AES, SHA1, and SHA256. It also supports several different Diffie-Hellman groups for the key exchange. I do not know which one was negotiated with the tunnel was set up.

I have also tried looking in the ppp log file, with command

sudo /var/log/ppp.log

And I can see the connection begin established, but the log file, unfortunately, does not reveal any details about the IKE and IPSEC negotiations, and I cannot know which encryption is in place.

I have also tried the commands

scutil --nc show


networksetup -getinfo

To try to get more information about the established VPN connection, but can only get limited information.

I am thinking that there must be some command that I can run to see more details about the established ppp connection. Or that there could be a tool that I could install with brew, that is more powerful for seeing the details of a ppp connection.

Does anyone have any tips?

asked on Server Fault Oct 30, 2020 by Prospero • edited Oct 31, 2020 by Piccio95

0 Answers

Nobody has answered this question yet.

User contributions licensed under CC BY-SA 3.0