Thanks for the reply and the link.

Connecting to the direct IP could be re routed with an arpspoof (but that would require the attacker knowing the target prior to the initial vpn hand shake) so yeah, one point for you. However, in SSL MITM attacks, the attacker doesnt need to know the target server prior to the attack... they just listen for the ssl handshake and go from there. I propose the same sort of technique for VPN's and listen for isakmp traffic.



As for the link, thanks. Basically it shows how to enforce key verification, but only with that one product. :/. However, this MITM attack could be prevented with a pre-shared key installed on all the vpn clients/servers. This may be an administrative hassel, but if you have a small number of clients... may be worth looking into.

As for the two nics... you may or may not be right there... with MITM SSL you can do it with one nic. I would worry about the over head of doing two VPN's. Like technically it should work with one... but practically it may be better with two.