This paper outlines some of the common VPN security ﬂaws that NTA Monitor have found during the last three years while performing VPN se- curity tests. The paper concentrates on remote access VPN conﬁgurations using the IPsec protocol, although some of the ﬁndings are also applicable to site-to-site VPNs. Some of the problems that have been seen, such as the username enu- meration issue, are new discoveries, while others are known limitations of the protocols, which are exposed due to poor conﬁguration. The paper shows that VPNs are far from the impenetrable systems that many people believe them to be, and that they can actually be the weak link in an otherwise secure system.
You can also obtain ikde-scan, an IPsec VPN scanning, fingerprinting and testing tool, from their website.