We recommend that EEOC review and remediate the medium level severity vulnerabilities identified during external penetration testing by:
- Disabling IKE Aggressive Mode if supported;
- Refraining from the use of pre-shared authentication keys;
- If using a pre-shared key cannot be avoided, use strong keys;
- Do not allow VPN connections from an non-approved IP addresses, if possible.