If you have a NAT/PAT device between your vpn client and the vpn headend device this can stop the VPN tunnel working because the port numbers get changed.
In order to get around this you can use nat-traversal which needs to be supported on the client end and the headend device. The IPSEC traffic is encapsulated in UDP packets with port 4500. This allows the NAT to modify the packet without breaking the IPSEC tunnel.
1) Theoretical vulnerabilites ie. in theory it could be done but no one has ever done it.
2) Vulnerabilities where the attacker would need so much access that if they had that access there would be much easier targets to go for.
3) Vulnerabilities which can be exploited without any special access etc.
Together with this you have to balance these vulnerabilities asgainst how likely your company is to be a target.
Reading through your attachment the one i would concentrate on is the use of a group wildcard and pre-shared keys. If you are not already doing it i would strongly recommend you don't use pre-shared keys soley for authentication and use some sort of token based authentication.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...