[Swan] Interoperability test

Douglas Kosovic doug at uq.edu.au
Tue Feb 1 05:29:06 EET 2022

On 1 February 2022, Mirsad Goran Todorovac wrote:
> On 1/31/2022 6:32 PM, Paul Wouters wrote:
>>> Android uses mtpd for its L2TP and PPTP implementations and 
>>> ipsec-tools for IKEv1, here are the corresponding AOSP (i.e. Android 
>>> Open Source Project) repositories :
>>> https://android.googlesource.com/platform/external/mtpd/
>>> https://android.googlesource.com/platform/external/ipsec-tools/
>>> If you have a look at the master source code of setup.c in ipsec-tools :
>>> https://android.googlesource.com/platform/external/ipsec-tools/+/refs/heads/master/setup.c
>>> You'll note for the add_proposal() function that
>>> OAKLEY_ATTR_GRP_DESC_MODP1024 is hard coded for the DH group.
>> This is good to know. I'll add an entry to our FAQ.
>> It looks like aged source (2011). Is it still maintained?

More about Google's official statement of maintenance for L2TP/IPsec from someone in the Android development team at the end of this email.

In regards to ipsec-tools in general, the following was extracted from the history section of NetBSD's ipsec-tools README file found on :
and I added a bit more context in the parentheses.
Ipsec-tools was originally developed by the KAME project. It was then moved to SourceForge, at the following address:

Due to too restricted commit accesses, the development stalled, and the source code was moved into NetBSD's CVS repository (in 2006).

However, many distributions still take their tarballs from SourceForge (which only has tarballs up to 2014), and each distribution maintains local patches.

Judging by the commits on the above GitHub page, NetBSD's ipsec-tools seems to be actively maintained, unlike the above ipsec-tools SourceForge page, which states that development was abandoned in 2014, that you should not use it, and that you should switch to a secure alternative.

Apple maintains its own patched version of ipsec-tools:

As previously mentioned, Android AOSP has its own patched version of ipsec-tools:

The Android ipsec-tools code still seems to be getting commits and Git tags for Android 12 versions. The code has been maintained, but the commits since 2017 seem to be for building on newer versions of the platform and licensing fixes. The following commit from 2017 has a workaround for a broken openswan proposal and they also verified it works against libreswan and strongswan:


>>> Google decided to remove L2TP (and PPTP) from their Pixel 6 Android
>>> 12 phone, so I don't think there is much hope in Android ever 
>>> supporting something better than modp1024 (DH2) for its L2TP/IPsec 
>>> VPN implementation.
>> Yes, IKEv1 stuff really should not be shipped anymore. The only 
>> reason Android did it for so long was because they had no IKEv2 
>> support at all (libreswan and strongswan are GPL licensed, so they 
>> could not use it)
> I am not that certain. L2TP is going to be around for a while more because it is so easy to set up with PSK.
> And you have yourself said that governments break MODP1024 DH group in offline attacks, so theoretically Iran could record VPNs of humanitarian workers or North Korea of South Koreans and break that when they have stronger computers available.
> What is today theoretical could be a practical attack in just a few years.
> IMHO Google should patch the L2TP client, since many servers offer only that. It is still the first VPN I was introduced to, so I guess many will go the same path. My $0.02.

For the Android L2TP/IPsec client you could submit a bug report or submit a patch to support proposals stronger than DH2:

But it might be of little benefit with the way Android 12 now handles L2TP/IPsec.

The following is a response from someone in Google's Android development team in regards to L2TP/IPsec support going forward with Android 12; it was extracted from the following Android bug report:

Android 12 will no longer let you add an L2TP VPN manually from the device settings. Android 12 will still keep your old settings working if your device upgrades from an earlier version (to blunt disruption to users and give them time to upgrade).

We decided to do this for the following reasons.

- The security used by these VPN types has been broken a long time ago. Most users assume (as they should) that Android will keep them safe, and have a reasonable expectation that if Android lets you configure a VPN type, that VPN will use secure encryption. It's not the case with the L2TP VPNs, and we don't want to send the wrong message.

- Internally this is handled by code whose maintenance cost is using up resources that we think should be used toward our support of newer, more battery-efficient and more secure protocols like IKEv2.

- Public and enterprise servers that support L2TP essentially all support IKEv2 now. Power users that configured their own VPN server should all have the option to configure it to use IKEv2 instead easily.

VPN apps can still implement any protocol they like including using L2TP, so you can also download a VPN app that can do L2TP/IPSec PSK (which we never plan to deprecate). But for the security of your use case we suggest you upgrade to IKEv2 types.

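The hard-coded DH group discussed above shows up on the wire as Oakley attribute 4 (Group Description) inside each transform of the IKEv1 SA payload. As an added example that is not code from this thread, ipsec-tools or libreswan, the Python below parses an SA payload and reports which DH groups a peer proposed, so a server operator can see which clients still depend on DH2 (modp1024) before dropping it from the server's accepted proposals; the sample payload is constructed for the example, not taken from a capture.

```python
import struct

# RFC 2409 Appendix A: Oakley attribute class 4 is Group Description (the DH group).
OAKLEY_ATTR_GRP_DESC = 4
DH_GROUP_NAMES = {1: "modp768", 2: "modp1024", 5: "modp1536", 14: "modp2048",
                  15: "modp3072", 16: "modp4096", 19: "ecp256", 20: "ecp384"}
WEAK_DH_GROUPS = {1, 2}  # DH1/DH2 proposals are what this report flags

def parse_attributes(data):
    """Yield (type, value) from ISAKMP data attributes (RFC 2408 s3.3): TV if AF bit set, else TLV."""
    off = 0
    while off + 4 <= len(data):
        af_type, v = struct.unpack_from("!HH", data, off)
        if af_type & 0x8000:           # basic attribute: 2-byte value follows
            yield af_type & 0x7FFF, v
            off += 4
        else:                          # variable attribute: v is the value length
            yield af_type, data[off + 4:off + 4 + v]
            off += 4 + v

def proposed_dh_groups(sa_payload):
    """Group Description of every transform in an IKEv1 SA payload (header, DOI, situation, proposals)."""
    groups = []
    sa_len = struct.unpack_from("!H", sa_payload, 2)[0]
    off = 12  # SA generic header (4) + DOI (4) + situation (4)
    while off < sa_len:
        prop_len, spi_size, n_tf = struct.unpack_from("!xxHxxBB", sa_payload, off)
        toff = off + 8 + spi_size
        for _ in range(n_tf):
            tf_len = struct.unpack_from("!H", sa_payload, toff + 2)[0]
            attrs = sa_payload[toff + 8:toff + tf_len]  # after the 8-byte transform header
            groups += [v for t, v in parse_attributes(attrs) if t == OAKLEY_ATTR_GRP_DESC]
            toff += tf_len
        off += prop_len
    return groups

def weak_dh_report(sa_payload):
    """Return (all proposed group names, the subset in WEAK_DH_GROUPS)."""
    groups = proposed_dh_groups(sa_payload)
    names = [DH_GROUP_NAMES.get(g, f"group{g}") for g in groups]
    return names, [n for g, n in zip(groups, names) if g in WEAK_DH_GROUPS]

# Constructed sample SA payload (not a real capture): two transforms, DH2 first.
def _tv(t, v):
    return struct.pack("!HH", 0x8000 | t, v)
def _transform(num, dh_group):  # ENCR=AES-CBC(7), KEY_LENGTH=128, HASH=SHA1(2), AUTH=PSK(1)
    attrs = _tv(1, 7) + _tv(14, 128) + _tv(2, 2) + _tv(3, 1) + _tv(OAKLEY_ATTR_GRP_DESC, dh_group)
    return struct.pack("!BBHBBH", 3, 0, 8 + len(attrs), num, 1, 0) + attrs

_tfs = _transform(1, 2) + _transform(2, 14)
_prop = struct.pack("!BBHBBBB", 0, 0, 8 + len(_tfs), 1, 1, 0, 2) + _tfs   # proto ISAKMP, no SPI
SAMPLE_SA = struct.pack("!BBHII", 0, 0, 12 + len(_prop), 1, 1) + _prop    # DOI=IPsec, SIT_IDENTITY_ONLY
```

Feeding the SA payload of a real IKEv1 main-mode first message into `weak_dh_report` tells you whether that client can negotiate anything stronger than DH2, which is exactly the question for a client whose proposal is hard-coded.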
