Re: [strongSwan] eap-dynamic (eap-tls, eap-mschapv2) and cacerts constraints
Hi Andreas, as far as I know, the "cacerts" parameter currently applies to the IKEv2 trust chain verification only (it primarily controls which CAs are requested by the CERTREQ payload), but it doesn't have any effect on the trust chain verification of our TLS stack. Best regards Andreas On 05.08.22 21:44, Andreas Weigel wrote: Hi everyone, I have a setup in which a gateway uses eap-dynamic to authenticate clients using either eap-mschapv2 or eap-tls, basically the same as https://www.strongswan.org/testing/testresults/ikev2/rw-eap-dynamic/. Now, if I try to specify the cacerts parameter in the remote section of the connection to restrict the accepted certificates for clients using eap-tls, clients can no longer connect using eap-mschapv2: 2022-08-05T15:08:29.910-04:00|charon||10[IKE] authentication of 'test' with EAP successful 2022-08-05T15:08:29.912-04:00|charon||10[CFG] constraint check failed: peer not authenticated by CA '[...]' With the cacerts parameter removed, the connection works. Is this intended behavior? On first glance, it would make sense to me to be able to use the cacerts (or certs) constraint to restrict eap-dynamic->eap-tls clients to that one CA in the presence of multiple connections on the same device that may use a different CA or certificates. Kind regards, Andreas -- ====== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org strongSec GmbH, 8952 Schlieren (Switzerland) ==
Re: [strongSwan] Memory leak in charon?
Memory leaks are written to the log when the charon daemon exits and all memory is released. Sending a HUP doesn't help. On 05.08.22 15:21, Michael Schwartzkopff wrote: On 05.08.22 14:36, Andreas Steffen wrote: Hi Michael, I'm not aware of any memory leak that we fixed. You could run charon compiled with the --enable-leak-detective configure option and check for any memory leaks when you stop the daemon. Regards Andreas Thanks for the fast response. It is reported to the log file? Is the any "hup" to get the report in the fly? On 05.08.22 09:46, Michael Schwartzkopff wrote: Hi, we have a strongswan 5.9.5 installed on a embedded device. We see a increase of memory usage of the charon process of about 200 kB/hour. The leak might be somehow connected to rekeying since the leak rate was reduced with the rekeying rate. Also perhaps to logging, since we reduced verbosity to decrease leak rate. As far as I read the changelog, no memory leak was fixed in 5.9.6 and 5.9.7. Any idea how to proceed to pin down the cause of the leak? 200 kB/h impacts the embedded device. ====== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org strongSec GmbH, 8952 Schlieren (Switzerland) ==
Re: [strongSwan] Memory leak in charon?
Hi Michael, I'm not aware of any memory leak that we fixed. You could run charon compiled with the --enable-leak-detective configure option and check for any memory leaks when you stop the daemon. Regards Andreas On 05.08.22 09:46, Michael Schwartzkopff wrote: Hi, we have a strongswan 5.9.5 installed on a embedded device. We see a increase of memory usage of the charon process of about 200 kB/hour. The leak might be somehow connected to rekeying since the leak rate was reduced with the rekeying rate. Also perhaps to logging, since we reduced verbosity to decrease leak rate. As far as I read the changelog, no memory leak was fixed in 5.9.6 and 5.9.7. Any idea how to proceed to pin down the cause of the leak? 200 kB/h impacts the embedded device. Mit freundlichen Grüßen, == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org strongSec GmbH, 8952 Schlieren (Switzerland) ==
Re: [strongSwan] Failure of chacha algorithm use?
Hi Michael, swanctl shows IKE algorithms only, loaded ESP algorithms are not reported. On my Ubuntu 22.04 system "sudo modprobe chachapoly1305" loads CHACHA AEAD support in the kernel and is then listed by "lsmod". Regards Andreas On 05.08.22 10:03, Michael Schwartzkopff wrote: Hi, we wanted to do the use the CHACHA (chacha20poly1305) for ESP encryption. We have a self-compiled kernel and a self-compiled strongswan (5.9.5) on our embedded device. On our test systems (ubuntu, Alma) everything works. But the embedded systems logs: [ENC] parsed CREATE_CHILD_SA response 3 [ N(USE_TRANSP) SA No KE TSi TSr ] [CFG] selected proposal: ESP:CHACHA20_POLY1305/CURVE_25519/NO_EXT_SEQ [KNL] received netlink error: No such file or directory (2) [KNL] unable to add SAD entry with SPI c9760420 (FAILED) # swanctl -g tells us: (...) aead: (...) CHACHA20_POLY1305[openssl] Do we miss a kernel module? As far as I can see, we compiled the necessary module into the kernel, which option would the algorithm be in the kernel? Mit freundlichen Grüßen, -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org strongSec GmbH, 8952 Schlieren (Switzerland) ==
Re: [strongSwan] strict crl policy
Hi Anthony, strict CRL policy still works. The problem with your setup is that you define strictcrlpolicy=yes in ipsec.conf which is loaded via starter and the stroke interface only whereas your log shows that you load the configuration via the vici interface: 2021 Sep 24 04:26:47+00:00 wglng-17 charon [info] ... 14[CFG] remote: 14[CFG]class = public key 14[CFG]id = C=CA, O=Carillon Information Security Inc., ... 14[CFG] added vici connection: sgateway1-radio0 There is no revocation = GOOD entry in the remote authentication section log of the vici transfer, so revocation = strict hasn't been set in the remote section of the configuration definition in swanctl.conf and thus no strict CRL policy is enforced Best regards Andreas On 24.09.21 22:14, Modster, Anthony wrote: Hello Does setting strict CRL policy to yes still work ? The CRL’s for TA and SCA are removed. Was expecting the VPN tunnel not to make a connection. strongSwan 5.8.2 # ipsec.conf - strongSwan IPsec configuration file # basic configuration config setup charondebug="ike 2,cfg 2" strictcrlpolicy=yes # uniqueids = no ====== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org strongSec GmbH, 8952 Schlieren (Switzerland) ==
Re: [strongSwan] docker strongswan image
Hi Anthony, here is a ready-made strongSwan 5.9.3 docker image: https://hub.docker.com/repository/docker/strongx509/strongswan and here the Dockerfile with which it was built: https://github.com/strongX509/docker/tree/master/strongswan The Ubuntu 20.04 image used doesn't come equipped with systemd, so we just start the charon daemon in the background. If you need additional strongSwan plugins then just extend the ./configure command in the Dockerfile. ./configure --prefix=/usr --sysconfdir=/etc --disable-defaults \ --enable-charon --enable-ikev2 --enable-nonce --enable-random \ --enable-openssl --enable-pkcs1 --enable-pkcs8 --enable-pkcs12\ --enable-pem --enable-x509 --enable-pubkey --enable-constraints \ --enable-pki --enable-socket-default --enable-kernel-netlink \ --enable-eap-identity --enable-eap-md5 --enable-eap-dynamic \ --enable-eap-tls --enable-updown --enable-vici --enable-drbg \ --enable-swanctl --enable-silent-rules && \ Best regards Andreas On 24.09.21 02:15, Modster, Anthony wrote: Hello Is there information on creating a Docker Strongswan image ? Thanks Teledyne Confidential; Commercially Sensitive Business Data ====== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org strongSec GmbH, 8952 Schlieren (Switzerland) ==
Re: [strongSwan] PGP Key used for signing
Hi Eric,
it is my personal PGP key:
https://pgp.surfnet.nl/pks/lookup?op=vindex=on=0xDF42C170B34DBA77
Regards
Andreas
On 06.07.21 17:15, Eric Germann wrote:
> What PGP key is used for signing of the source files?
>
> ---
> Eric Germann
> ekgermann {at} semperen {dot} com || ekgermann {at} gmail {dot} com
> LinkedIn: https://www.linkedin.com/in/ericgermann
> <https://www.linkedin.com/in/ericgermann>
> Twitter: @ekgermann
> Telegram || Signal || Phone +1 {dash} 419 {dash} 513 {dash} 0712
>
> GPG Fingerprint: 89ED 36B3 515A 211B 6390 60A9 E30D 9B9B 3EBF F1A1
>
==========
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
strongSec GmbH, 8952 Schlieren (Switzerland)
==
Re: [strongSwan] Version numbers
Hi Dave, both servers are running strongSwan 5.8.4 userland daemon but the first one uses the IPsec stack of a Linux 4.15.0 kernel and the second one the IPsec stack of a Linux 4.18.0 kernel. The second server certainly is 64 bit but most probably the first one is as well. Best regards Andreas On 23.06.21 16:26, David Pearce - C wrote: > I've got two SS servers, one works, one sort of work right. > > The working one runs "Linux strongSwan U5.8.4/K4.15.0-142-generic" > > The sortof server is running "Linux strongSwan > U5.8.4/K4.18.0-305.3.1.el8_4.x86_64" > > What is the difference between the two versions? Is one 32-bit and one > 64-bit? > > *Dave Pearce* > > Blue Origin OLS > > dpear...@blueorigin.com <mailto:dpear...@blueorigin.com> > ====== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org strongSec GmbH, 8952 Schlieren (Switzerland) ==
[strongSwan] Archived recording of the joint strongSwan and wolfSSL Webinar
Hi, the recording of the strongSwan and wolfSSL Webinar is now available under the following link: https://www.youtube.com/watch?v=Ul_M3XzRa4Q Best regards Andreas On 28.05.21 13:30, Andreas Steffen wrote: > Please join us for our upcoming webinar with Security Expert Eric > Blankenhorn from wolfSSL and Andreas Steffen from the strongSwan Project. > > Leveraging the FIPS-certified security of wolfSSL and the power of > strongSwan to make a more perfect VPN! > > strongSwan and wolfSSL are coming together to present a better approach > to a VPN with FIPS-certified cryptography. wolfSSL has had an interest > in enabling FIPS 140-2/140-3 support with strongSwan so they contributed > the wolfssl crypto plugin to the strongSwan project a while ago. > > The wolfSSL engineers have now verified that everything is working with > the wolfCrypt FIPS 140-2 validated module. wolfSSL is pleased that with > the latest release of wolfSSL v4.7.0 and the wolfCrypt FIPS 140-2 module > validated on FIPS certificate 3389, strongSwan support is working > splendidly. > > When: Jun 2, 2021 10:00 AM Pacific Time (US and Canada) > > Topic: wolfSSL and strongSwan Partner webinar > > Register in advance for this webinar: > > https://us02web.zoom.us/webinar/register/WN_2V7369-WT0O00xu89WLyRQ > > After registering, you will receive a confirmation email containing > information about joining the webinar. > > Bring any questions you may have, and we look forward to seeing you there! > > Best regards > > Andreas Steffen > > The invitation to the webinar is also available on the wolfSSL site: > > https://www.wolfssl.com/upcoming-webinar-wolfssl-strongswan-partner-webinar/ == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org strongSec GmbH, 8952 Schlieren (Switzerland) ==
[strongSwan] Upcoming joint strongSwan and wolfSSL Webinar
Please join us for our upcoming webinar with Security Expert Eric Blankenhorn from wolfSSL and Andreas Steffen from the strongSwan Project. Leveraging the FIPS-certified security of wolfSSL and the power of strongSwan to make a more perfect VPN! strongSwan and wolfSSL are coming together to present a better approach to a VPN with FIPS-certified cryptography. wolfSSL has had an interest in enabling FIPS 140-2/140-3 support with strongSwan so they contributed the wolfssl crypto plugin to the strongSwan project a while ago. The wolfSSL engineers have now verified that everything is working with the wolfCrypt FIPS 140-2 validated module. wolfSSL is pleased that with the latest release of wolfSSL v4.7.0 and the wolfCrypt FIPS 140-2 module validated on FIPS certificate 3389, strongSwan support is working splendidly. When: Jun 2, 2021 10:00 AM Pacific Time (US and Canada) Topic: wolfSSL and strongSwan Partner webinar Register in advance for this webinar: https://us02web.zoom.us/webinar/register/WN_2V7369-WT0O00xu89WLyRQ After registering, you will receive a confirmation email containing information about joining the webinar. Bring any questions you may have, and we look forward to seeing you there! Best regards Andreas Steffen The invitation to the webinar is also available on the wolfSSL site: https://www.wolfssl.com/upcoming-webinar-wolfssl-strongswan-partner-webinar/ == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org strongSec GmbH, 8952 Schlieren (Switzerland) ==
Re: [strongSwan] how to increase timeout for "deleting half open IKE_SA with after timeout" ?
Hello Harald,
the half_open_timeout can be set in strongswan.conf:
charon {
half_open_timeout = 120
}
to set the timeout to 120 seconds.
Best regards
Andreas
On 14.05.21 11:06, Harald Dunkel wrote:
> Hi folks,
>
> I have a few road warriors (3 out of ~140) having severe problems to
> connect via IKEv2. Within the last 4 weeks they had >1000 problems
> during IKE SA init each, e.g.:
>
> May 12 09:55:28 18[NET1] <92244> received packet: from
> 192.168.1.177[61416] to 10.0.0.17[500] (432 bytes)
> May 12 09:55:28 18[ENC1] <92244> parsed IKE_SA_INIT request 0 [ SA KE No
> N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]
> May 12 09:55:28 18[IKE0] <92244> 192.168.1.177 is initiating an IKE_SA
> May 12 09:55:28 18[IKE2] <92244> IKE_SA (unnamed)[92244] state change:
> CREATED => CONNECTING
> May 12 09:55:28 18[CFG1] <92244> selected proposal:
> IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
> May 12 09:55:28 18[IKE1] <92244> remote host is behind NAT
> May 12 09:55:28 18[IKE2] <92244> sending strongSwan vendor ID
> May 12 09:55:28 18[IKE1] <92244> sending cert request for "C=DE,
> O=example AG, CN=ws-CA"
> May 12 09:55:28 18[IKE1] <92244> sending cert request for "C=DE,
> O=example AG, OU=example Certificate Authority, CN=root-CA"
> May 12 09:55:28 18[IKE1] <92244> sending cert request for "C=DE, ST=NRW,
> O=example AG, OU=TI, CN=ipsec-ca"
> May 12 09:55:28 18[ENC1] <92244> generating IKE_SA_INIT response 0 [ SA
> KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP)
> N(MULT_AUTH) V ]
> May 12 09:55:28 18[NET1] <92244> sending packet: from 10.0.0.17[500] to
> 192.168.1.177[61416] (541 bytes)
> May 12 09:55:58 31[JOB1] <92244> deleting half open IKE_SA with
> 192.168.1.177 after timeout
> May 12 09:55:58 31[IKE2] <92244> IKE_SA (unnamed)[92244] state change:
> CONNECTING => DESTROYING
>
> Obviously there is a 30sec timeout on the IPsec gateway. Is there
> a chance to increase this timeout (using stroke, ie. ipsec.conf)?
> https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection
> mentions only the DPD timeout (150 sec per default) and the inac-
> tivity timeout (child sa only, as it seems).
>
> Would it be wise to resend the IKE_SA_INIT response (lets say) 3
> times?
>
>
> Every helpful comment is highly appreciated
>
> Harri
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
strongSec GmbH, 8952 Schlieren (Switzerland)
==
Re: [strongSwan] OpenIKED strongswan question
Hola Riccardo, if you are using swanctl.conf then the parameters are reauth_time = 86400 in the connection definition and life_time = 3600 in the children section. With the legacy ipsec.conf configuration it is ikelifetime = 86400 and lifetime = 3600 Regards Andreas On 03.03.2021 11:42, Riccardo Giuntoli wrote: Hello there nice people! Riccardo Giuntoli writing from Spain. A pleasure to. Got a question in my OpenIKED configuration I've got those parameters: ikelifetime 86400 lifetime 3600 What are the correspondent in ipsec.conf of Stronswan? Nice regards, RG. -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] Unable to establish connection with Fortigate device
ike 0:to VpnTunnelName:384: enc C10B9BE64DC0D904589D6282B4F462C905100201006B080F02004C6F63616E64610B240E2C5E431EDC18A1A71432A2D63F3A735CF38FF3B15088600EA1C4DFA8DBAE54001C000101106002C10B9BE64DC0D904589D6282B4F462C9 ike 0:to VpnTunnelName:384: out C10B9BE64DC0D904589D6282B4F462C905100201006C0A9523A71AA4D181655F68680E687AAE143646431BCF52A9AAE986F371BD20D0165F406F6525CE7BD4E99E87756AE721C2EA71E8B0D76B6DDAA3BAE63545FE806E4DABC6DBF23D09165665B8EBA17F4B ike 0:to VpnTunnelName:384: sent IKE msg (ident_i3send): 192.168.1.2:4500->95.x.x.x:4500, len=108, id=c10b9be64dc0d904/589d6282b4f462c9 ike 0: comes 95.x.x.x:4500->192.168.1.2:4500,ifindex=4 ike 0: IKEv1 exchange=Informational id=c10b9be64dc0d904/589d6282b4f462c9:3401b0f7 len=108 ike 0: in C10B9BE64DC0D904589D6282B4F462C9081005013401B0F7006CCBD929F01609C09C15FB168C6027327324BD1D6560143B39C69FF01070831099C7520EDB88EBF51AC8CF9AFF5A8649CECE18DADC661F7EB7698D90A5ECEC8DB81EC258089F8E48EEBB2313BE63C33FF5 I'm fairly new to strongswan so I might have missed something in the server configuration. Any hint is welcome. Thanks [1] https://wiki.strongswan.org/projects/strongswan/wiki/Fortinet -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] Strongswan with ECDSA certificate
Hello George, you have to enable one of the libstrongswan plugins that support ellicptic curve cryptography. Either the openssl, wolfssl or botan plugin. Best regards Andreas On 05.11.20 20:20, george wrote: eature PUBKEY:ECDSA in plugin 'pem' has unmet dependency: PUBKEY:ECDSA
Re: [strongSwan] Is there an official docker image for StrongSwan?
Hi Houman, I created a strongSwan 5.8.4 image a couple of months ago for a a tutorial so it builds only a limited number of plugins: https://hub.docker.com/repository/docker/strongx509/strongswan I hope this helps Andreas On 28.06.20 17:58, Houman wrote: > Hello, > > I'm new to Docker and was wondering where I could find the official > StrongSwan docker image? > There isn't any official version on docker hub and most of the > community stuff is fairly outdated. If there isn't any, what is the > best way to make my own? > > Thank you for advice, > Houman ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] eap auth with 5.8 - how?
But I think the remote side is not configured
for EAP-based client authentication or cannot
find its private signature key so AUTHENTICATION
FAILED ensues. Any chance of getting the remote log?
Andreas
On 11.05.20 08:45, Andreas Steffen wrote:
> Hi,
>
> in the remote section you have to set
>
> auth = pubkey
>
> since the responder is using a certificate-based
> authentication.
>
> Regards
>
> Andreas
>
> On 10.05.20 14:17, lejeczek wrote:
>> hi guys
>>
>> I got my strongswan updated to 5.8 and I think I migrated my
>> simple config correctly:
>>
>> connections {
>> camuni {
>> remote_addrs="remote.fqdn" # The location
>> of the host, FQDN or IP
>> vips="0.0.0.0"
>> send_cert="never"
>> local {
>> id="me@domain"
>> auth="eap"
>> }
>> remote {
>> certs="remote.fqdn.crt"
>> id="DNS:remote.fqdn"
>> auth="eap"
>> }
>> children {
>> camuni {
>> remote_ts="172.16.0.0/12"
>> mode="pass"
>> start_action="start"
>> }
>> }
>> }
>> }
>> secrets {
>> eap {
>> secret="aSecret"
>> id="me@fqdn
>> }
>> }
>>
>> Yet still auth fails. I have no control over "remote.fqdn"
>> but at my end I see:
>> ...
>> IKE] initiating IKE_SA camuni[9] to xx.XX.zz.ZZ
>> [ENC] generating IKE_SA_INIT request 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
>> [NET] sending packet: from xx.XX.yy.YY[500] to
>> xx.XX.zz.ZZ[500] (1400 bytes)
>> [NET] received packet: from xx.XX.zz.ZZ[500] to
>> xx.XX.yy.YY[500] (592 bytes)
>> [ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP)
>> N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(MULT_AUTH) ]
>> [CFG] selected proposal:
>> IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072
>> [IKE] remote host is behind NAT
>> [IKE] sending cert request for "O=CA, CN=mydom.local"
>> [IKE] sending cert request for "O=CA, CN=mydom.local"
>> [IKE] establishing CHILD_SA camuni{9}
>> [ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT)
>> CERTREQ IDr CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP)
>> N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR)
>> N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
>> [NET] sending packet: from xx.XX.yy.YY[4500] to
>> xx.XX.zz.ZZ[4500] (432 bytes)
>> [NET] received packet: from xx.XX.zz.ZZ[4500] to
>> xx.XX.yy.YY[4500] (80 bytes)
>> [ENC] parsed IKE_AUTH response 1 [ N(AUTH_FAILED) ]
>> [IKE] received AUTHENTICATION_FAILED notify error
>> initiate failed: establishing CHILD_SA 'camuni' failed
>>
>> Would you have any suggestions and advice I'll be grateful.
>> many thanks, L.
>>
>
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[INS-HSR]==
Re: [strongSwan] eap auth with 5.8 - how?
Hi,
in the remote section you have to set
auth = pubkey
since the responder is using a certificate-based
authentication.
Regards
Andreas
On 10.05.20 14:17, lejeczek wrote:
> hi guys
>
> I got my strongswan updated to 5.8 and I think I migrated my
> simple config correctly:
>
> connections {
> camuni {
> remote_addrs="remote.fqdn" # The location
> of the host, FQDN or IP
> vips="0.0.0.0"
> send_cert="never"
> local {
> id="me@domain"
> auth="eap"
> }
> remote {
> certs="remote.fqdn.crt"
> id="DNS:remote.fqdn"
> auth="eap"
> }
> children {
> camuni {
> remote_ts="172.16.0.0/12"
> mode="pass"
> start_action="start"
> }
> }
> }
> }
> secrets {
> eap {
> secret="aSecret"
> id="me@fqdn
> }
> }
>
> Yet still auth fails. I have no control over "remote.fqdn"
> but at my end I see:
> ...
> IKE] initiating IKE_SA camuni[9] to xx.XX.zz.ZZ
> [ENC] generating IKE_SA_INIT request 0 [ SA KE No
> N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
> [NET] sending packet: from xx.XX.yy.YY[500] to
> xx.XX.zz.ZZ[500] (1400 bytes)
> [NET] received packet: from xx.XX.zz.ZZ[500] to
> xx.XX.yy.YY[500] (592 bytes)
> [ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP)
> N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(MULT_AUTH) ]
> [CFG] selected proposal:
> IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072
> [IKE] remote host is behind NAT
> [IKE] sending cert request for "O=CA, CN=mydom.local"
> [IKE] sending cert request for "O=CA, CN=mydom.local"
> [IKE] establishing CHILD_SA camuni{9}
> [ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT)
> CERTREQ IDr CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP)
> N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR)
> N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
> [NET] sending packet: from xx.XX.yy.YY[4500] to
> xx.XX.zz.ZZ[4500] (432 bytes)
> [NET] received packet: from xx.XX.zz.ZZ[4500] to
> xx.XX.yy.YY[4500] (80 bytes)
> [ENC] parsed IKE_AUTH response 1 [ N(AUTH_FAILED) ]
> [IKE] received AUTHENTICATION_FAILED notify error
> initiate failed: establishing CHILD_SA 'camuni' failed
>
> Would you have any suggestions and advice I'll be grateful.
> many thanks, L.
>
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[INS-HSR]==
Re: [strongSwan] Password protection on private key using PKI tool
Hi Dries, no the strongSwan pki tool does not support password protection of private keys. But after generating a key with e.g. pki --gen --type rsa --size 3072 --outform pem > key.pem you can protect it with a password using openssl: openssl rsa -in key.pem -aes256 -out key.pem Enter pass phrase for key.pem: ... The pki tool can load encrypted keys, though, e.g. pki --self --type rsa --in key.pem --dn "C=CH, O=Test, CN=Joe" \ --outform pem > cert.pem Private key passphrase: ... Hope this helps! Andreas On 14.03.20 20:17, driesm.michi...@gmail.com wrote: > Hi Strongswan Mail list, > > > > This is a quick question regarding certificates/keys created with the > PKI tool. > > Does the PKI tool currently support password protection of private keys? > > > > This would mean that regardless of the key install on a client one still > needs the password to use them. > > > > Regards > > Dries ====== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] configuring android StrongSwan VPN Client 2.2.1
Hi Dave, the Diffie-Hellman group modp1024 is totally weak and is therefore deprecated by NIST. Please add modp2048 to your server's configuration. Actually Windows Clients be made secure by enabling modp2048 via the Windows registry: https://wiki.strongswan.org/projects/strongswan/wiki/WindowsClients#AES-256-CBC-and-MODP2048 Best regards Andreas On 07.01.20 17:31, David H. Durgee wrote: > I followed this recipe to install StrongSwan on my linux server: > > How to Set Up an IKEv2 VPN Server with StrongSwan on Ubuntu 16.04 > <https://www.digitalocean.com/community/tutorials/how-to-set-up-an-ikev2-vpn-server-with-strongswan-on-ubuntu-16-04> > > This is working fine with a Windows client, so I know it is configured > properly. > > After this success I attempted to install the above client on my android > Nougat phone. Unfortunately this is not working with the default > options on the client. Here is the log entries from the linux server > attempting to open the VPN connection: > > Dec 26 18:07:11 DG41TY charon: 09[NET] received packet: from > 108.31.28.59[1024] to 192.168.80.11[500] (716 bytes) > Dec 26 18:07:11 DG41TY charon: 09[ENC] parsed IKE_SA_INIT request 0 [ SA > KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] > Dec 26 18:07:11 DG41TY charon: 09[CFG] looking for an ike config for > 192.168.80.11...108.31.28.59 > Dec 26 18:07:11 DG41TY charon: 09[CFG] candidate: %any...%any, prio 28 > Dec 26 18:07:11 DG41TY charon: 09[CFG] found matching ike config: > %any...%any with prio 28 > Dec 26 18:07:11 DG41TY charon: 09[IKE] 108.31.28.59 is initiating an IKE_SA > Dec 26 18:07:11 DG41TY charon: 09[IKE] IKE_SA (unnamed)[15] state > change: CREATED => CONNECTING > Dec 26 18:07:11 DG41TY charon: 09[CFG] selecting proposal: > Dec 26 18:07:11 DG41TY charon: 09[CFG] no acceptable > DIFFIE_HELLMAN_GROUP found > Dec 26 18:07:11 DG41TY charon: 09[CFG] selecting proposal: > Dec 26 18:07:11 DG41TY charon: 09[CFG] no acceptable > ENCRYPTION_ALGORITHM found > Dec 26 18:07:11 DG41TY charon: 09[CFG] selecting proposal: > Dec 26 18:07:11 DG41TY charon: 09[CFG] no acceptable > DIFFIE_HELLMAN_GROUP found > Dec 26 18:07:11 DG41TY charon: 09[CFG] selecting proposal: > Dec 26 18:07:11 DG41TY charon: 09[CFG] no acceptable > ENCRYPTION_ALGORITHM found > Dec 26 18:07:11 DG41TY charon: 09[CFG] received proposals: > IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_SHA1_96/AES_XCBC_96/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/(31)/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048, > IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/(31)/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048 > Dec 26 18:07:11 DG41TY charon: 09[CFG] configured proposals: > IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, > IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024 > Dec 26 18:07:11 DG41TY charon: 09[IKE] local host is behind NAT, sending > keep alives > Dec 26 18:07:11 DG41TY charon: 09[IKE] remote host is behind NAT > Dec 26 18:07:11 DG41TY charon: 09[IKE] received proposals inacceptable > Dec 26 18:07:11 DG41TY charon: 09[ENC] generating IKE_SA_INIT response 0 > [ N(NO_PROP) ] > Dec 26 18:07:11 DG41TY charon: 09[NET] sending packet: from > 192.168.80.11[500] to 108.31.28.59[1024] (36 bytes) > Dec 26 18:07:11 DG41TY charon: 09[IKE] IKE_SA (unnamed)[15] state > change: CONNECTING => DESTROYING > > What do I need to change in the android client configuration? I would > prefer not to touch the linux server as it is working with windows > clients, but will do so if absolutely necessary. Thank you for your > assistance in this matter. > > Dave -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] Regarding Strongswan and AD
Hi, your concept seems correct. Set up the authentication in steps: 1) Define user credentials locally on the Freeradius server and set up an EAP-RADIUS connection from the strongSwan VPN gateway to the FreeRadius server along the following example scenario: https://www.strongswan.org/testing/testresults/swanctl/rw-eap-ttls-radius/ 2) Connect the Microsoft AD with FreeRadius so that the User Credentials can reside on the AD. Regards Andreas On 14.08.19 03:27, Bidhan Khatri wrote: > 've been searching for the solution but couldn't find it so I'm writing > to you. I hope I will get an answer. I've configured Strongswan and for > authentication, I'm planning to use Microsoft AD. I've configured radius > client on AD and set up samba on my centos 7 Strongswan server but still > couldn't authenticate the users. I'm stuck somewhere or missing something. > > My setup is: > client -> Strongswan(centos 7) -> radius(free radius,centos 7) -> > AD(Microsoft) > > Can you provide some guidance regarding this? I've to complete this > project this month. > > Thank you -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] How to determine how many connections are currently active?
Hi Houman, The CHILD SAs are the actual tunnels carrying encrypted data. The IKE SA is used for peer authentication and the setup of the CHILD SAs. In principle an IKE SA can define multiple CHILD SAs if you want to connect multiple subnets behind the two VPN gateways with each other. Regards Andreas On 31.07.19 12:43, Houman wrote: > Hi Andreas, > > Thank you very much. That worked nicely, much easier than I thought it > would be. > > The difference between INSTALLED (519) and ESTABLISHED (520) was nearly > the same in my case. What is the main difference between them in this > context? > > Many Thanks, > Houman > > On Wed, 31 Jul 2019 at 11:14, Andreas Steffen > mailto:andreas.stef...@strongswan.org>> > wrote: > > Hi Houman, > > you can get the number of active IKE SAs via > > swanctl --list-sas | grep ESTABLISHED | wc -l > > if you are using the vici interface or > > ipsec statusall | grep ESTABLISHED | wc -l > > if you are using the legacy whack interface. > > For the total number of active CHILD SAs replace ESTABLISHED > by INSTALLED in the grep query. > > Best regards > > Andreas > > On 31.07.19 10:05, Houman wrote: > > Good morning, > > > > > > What is the best way to determine how many connections are currently > > active on the StrongSwan server? > > > > > > Maybe there is a simpler way but I thought of one way. I’m using > > FreeRadius with Mysql DB as storage. > > > > > > There are three fields that capture the start (acctstarttime), ongoing > > (acctupdatetime) and the end (acctstoptime) of a connection. > > > > > > I could theoretically filter for all acctupdatetime that start from > > today and have a acctstoptime that is null. The count of these > records > > would be the approximate number of active connections to the server. > > > > > > Is there a better way to achieve this or do you agree to this > approach? > > > > > > > > Many Thanks, > > > > Houman > > > > -- > == > Andreas Steffen > andreas.stef...@strongswan.org <mailto:andreas.stef...@strongswan.org> > strongSwan - the Open Source VPN Solution! > www.strongswan.org <http://www.strongswan.org> > Institute for Networked Solutions > HSR University of Applied Sciences Rapperswil > CH-8640 Rapperswil (Switzerland) > ===[INS-HSR]== > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] Certificate-based IPsec tunnel failing to complete
Global
> SSL ICA G3"
> [IKE] received cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root
> CA 2 G3"
> [IKE] received 10 cert requests for an unknown ca
> [IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA
> 2 G3"
> [IKE] sending cert request for "C=UK, ST=$MY_STATE, L=$MY_CITY, O=$MY_ORG,
> OU=$MY_OU, CN=CA Root (ECDSA)"
> [IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Global
> SSL ICA G3"
> [IKE] authentication of 'vpn.production.$MY_ORG.cloud' (myself) with
> ECDSA-256 signature successful
> [IKE] sending end entity cert "C=GB, ST=London, L=London, O=$MY_ORG PLC,
> CN=vpn.production.$MY_ORG.cloud"
> [IKE] establishing CHILD_SA net1-net1{1}
> [ENC] generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr
> AUTH SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
> [ENC] splitting IKE message with length of 2018 bytes into 2 fragments
> [ENC] generating IKE_AUTH request 1 [ EF(1/2) ]
> [ENC] generating IKE_AUTH request 1 [ EF(2/2) ]
> [NET] sending packet: from 172.26.0.85[4500] to $MY_ON_PREM_EXT_IP[4500]
> (1248 bytes)
> [NET] sending packet: from 172.26.0.85[4500] to $MY_ON_PREM_EXT_IP[4500] (835
> bytes)
> [NET] received packet: from $MY_ON_PREM_EXT_IP[4500] to 172.26.0.85[4500]
> (525 bytes)
> [ENC] parsed IKE_AUTH response 1 [ EF(1/4) ]
> [ENC] received fragment #1 of 4, waiting for complete IKE message
> [NET] received packet: from $MY_ON_PREM_EXT_IP[4500] to 172.26.0.85[4500]
> (525 bytes)
> [ENC] parsed IKE_AUTH response 1 [ EF(3/4) ]
> [ENC] received fragment #3 of 4, waiting for complete IKE message
> [NET] received packet: from $MY_ON_PREM_EXT_IP[4500] to 172.26.0.85[4500]
> (525 bytes)
> [ENC] parsed IKE_AUTH response 1 [ EF(2/4) ]
> [ENC] received fragment #2 of 4, waiting for complete IKE message
> [NET] received packet: from $MY_ON_PREM_EXT_IP[4500] to 172.26.0.85[4500] (76
> bytes)
> [ENC] parsed IKE_AUTH response 1 [ EF(4/4) ]
> [ENC] received fragment #4 of 4, reassembling fragmented IKE message
> [ENC] parsed IKE_AUTH response 1 [ V IDr CERT CERT AUTH SA TSi TSr
> N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) N(MOBIKE_SUP) ]
> [IKE] received end entity cert "C=UK, ST=$MY_STATE, O=$MY_ORG, OU=$MY_OU,
> CN=vpntest.$MY_ORG.co.uk"
> [IKE] received issuer cert "C=UK, ST=$MY_STATE, L=$MY_CITY, O=$MY_ORG,
> OU=$MY_OU, CN=CA Root (ECDSA)"
> [CFG] using certificate "C=UK, ST=$MY_STATE, O=$MY_ORG, OU=$MY_OU,
> CN=vpntest.$MY_ORG.co.uk"
> [CFG] using trusted ca certificate "C=UK, ST=$MY_STATE, L=$MY_CITY,
> O=$MY_ORG, OU=$MY_OU, CN=CA Root (ECDSA)"
> [CFG] checking certificate status of "C=UK, ST=$MY_STATE, O=$MY_ORG,
> OU=MY_OU, CN=vpntest.$MY_ORG.co.uk"
> [CFG] certificate status is not available
> [CFG] reached self-signed root ca with a path length of 0
> [IKE] authentication of 'C=UK, ST=$MY_STATE, O=$MY_ORG, OU=MY_OU,
> CN=vpntest.$MY_ORG.co.uk' with ECDSA-256 signature successful
> [CFG] constraint check failed: identity 'vpntest.$MY_ORG.co.uk' required
> [CFG] selected peer config 'onprem-to-azure' inacceptable: constraint
> checking failed
> [CFG] no alternative config found
> [ENC] generating INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
> [NET] sending packet: from 172.26.0.85[4500] to $MY_ON_PREM_EXT_IP[4500] (65
> bytes)
> initiate failed: establishing CHILD_SA 'net1-net1' failed
>
>
>
>
> You are receiving this message from Capita Software. Should you wish to see
> how we may have collected or may use your information, or view ways to
> exercise your individual rights, see our Privacy
> Notice<https://www.capitasoftware.com/PrivacyNotice>
>
>
> This email is security checked and subject to the disclaimer on web-page:
> http://www.capita.co.uk/email-disclaimer.aspx
>
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[INS-HSR]==
Re: [strongSwan] Can strongswan tnc be used with TPM 2.0 ?
Hi Benoit, you can compile strongSwan with both options --enable-tss-trousers and --enable-tss-tss2 and the libtpmtss library will automatically detect wheter a TPM 1.2 or TPM 2.0 device is present, prefering TPM 2.0 over TPM 1.2. For TPM 1.2 support the libtspi trousers library is required and for TPM 2.0 the libtss2 library. Have a look at the folling HOWTO on how to install the TPM2-TSS libraries and how to generate TPM 2.0 attestation keys and certificates: https://wiki.strongswan.org/projects/strongswan/wiki/TpmPlugin Best regards Andreas On 15.06.19 15:18, Benoit wrote: > Hi all, > > I am interested to use the strongswan tnc, specifically the PTS > (IMV/IMC) mode. > I went to this following pages : > > https://wiki.strongswan.org/projects/strongswan/wiki/IMA > > https://wiki.strongswan.org/projects/strongswan/wiki/TrustedNetworkConnect > https://wiki.strongswan.org/projects/strongswan/wiki/PTS-IMV > https://wiki.strongswan.org/projects/strongswan/wiki/PTS-IMC > > Pages are talking about TPM 1.2, but TPM 2.0 is never described. > > I am mainly looking for a way to verify if a client is trusted or not. > And what is described at > https://wiki.strongswan.org/projects/strongswan/wiki/IMA can match my > requirements. > But I would like to have something compliant TPM 1.2 and TPM 2.0 > > Is strongswan TNC/PTS feature compliant with TPM 1.2 and TPM 2.0 ? > > Thanks > > > > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] Error connecting from Fortigate VPN to Strongswan
KE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048,
IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048,
IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536,
IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024,
IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/3DES_CBC/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/AES_XCBC_96/AES_CMAC_96/HMAC_SHA1_96/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/NTRU_128/NTRU_192/NTRU_256/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048,
IKE:AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/CHACHA20_POLY1305_256/CAMELLIA_CCM_16_128/CAMELLIA_CCM_16_192/CAMELLIA_CCM_16_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/CAMELLIA_CCM_8_128/CAMELLIA_CCM_8_192/CAMELLIA_CCM_8_256/CAMELLIA_CCM_12_128/CAMELLIA_CCM_12_192/CAMELLIA_CCM_12_256/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/NTRU_128/NTRU_192/NTRU_256/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048
Mar 15 00:36:12 klick001 charon: 12[CFG] selected proposal:
IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536
Mar 15 00:36:12 klick001 charon: 12[IKE] local host is
behind NAT, sending keep alives
Mar 15 00:36:12 klick001 charon: 12[IKE] sending cert
request for "CN=VPN root CA"
Mar 15 00:36:12 klick001 charon: 12[IKE] authentication of
'35.185.2**.***' (myself) with RSA signature successful
Mar 15 00:36:12 klick001 charon: 12[CFG] proposing traffic
selectors for us:
Mar 15 00:36:12 klick001 charon: 12[CFG] 0.0.0.0/0
<http://0.0.0.0/0>
Mar 15 00:36:12 klick001 charon: 12[CFG] proposing traffic
selectors for other:
Mar 15 00:36:12 klick001 charon: 12[CFG] dynamic
Mar 15 00:36:12 klick001 charon: 12[CFG] configured
proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ,
ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ,
ESP:AES_CBC_128/HMAC_SHA2_256_128/NO_EXT_SEQ,
ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ,
ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ,
ESP:AES_CBC_128/AES_CBC_192/AES_CBC_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_SHA1_96/AES_XCBC_96/NO_EXT_SEQ
Mar 15 00:36:12 klick001 charon: 12[IKE] establishing
CHILD_SA ikev2-Teledida{1}
Mar 15 00:36:12 klick001 charon: 12[ENC] generating IKE_AUTH
request 1 [ IDi CERTREQ AUTH SA TSi TSr N(MOBIKE_SUP)
N(NO_ADD_ADDR) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Mar 15 00:36:12 klick001 charon: 12[NET] sending packet:
from 10.138.0.4[4500] to 200.10.1**.***[4500] (988 bytes)
Mar 15 00:36:16 klick001 charon: 15[IKE] retransmit 1 of
request with message ID 1
Mar 15 00:36:16 klick001 charon: 15[NET] sending packet:
from 10.138.0.4[4500] to 200.10.1**.***[4500] (988 bytes)
Mar 15 00:36:23 klick001 charon: 16[IKE] retransmit 2 of
request with message ID 1
Mar 15 00:36:23 klick001 charon: 16[NET] sending packet:
from 10.138.0.4[4500] to 200.10.1**.***[4500] (988 bytes)
Mar 15 00:36:36 klick001 charon: 06[IKE] retransmit 3 of
request with message ID 1
Mar 15 00:36:36 klick001 charon: 06[NET] sending packet:
from 10.138.0.4[4500] to 200.10.1**.***[4500] (988 bytes)
Mar 15 00:36:56 klick001 charon: 10[IKE] sending keep alive
to 200.10.1**.***[4500]
Mar 15 00:36:59 klick001 charon: 09[IKE] retransmit 4 of
request with message ID 1
Mar 15 00:36:59 klick001 charon: 09[NET] sending packet:
from 10.138.0.4[4500] to 200.10.1**.***[4500] (988 bytes)
Mar 15 00:37:20 klick001 charon: 12[IKE] sending keep alive
to 200.10.1**.***[4500]
Mar 15 00:37:40 klick001 charon: 13[IKE] sending keep alive
to 200.10.1**.***[4500]
Mar 15 00:37:41 klick001 charon: 14[IKE] retransmit 5 of
request with message ID 1
Mar 15 00:37:41 klick001 charon: 14[NET] sending packet:
from 10.138.0.4[4500] to 200.10.1**.***[4500] (988 bytes)
Please assist as we are about to go live soon.
Thanks in advance.
Moses K
=======
Re: [strongSwan] How to improve connection loss when moving from 4G to Wifi?
Hi Houman, actually the IKEv2 MOBIKE mobility protocol does this automatically. Does your IPsec peer (VPN gateway) support MOBIKE since strongSwan enables it out of the box? Regards Andreas On 09.02.19 17:50, Houman wrote: > Hello, > > I've set up strongSwan U5.6.2/K4.15.0-43-generic on Ubuntu 18.04. It > works very well. > > However is there any way to improve connection or loss of when moving > from cellular 4G to WiFi / WiFi to 4G? > > I thought that IKEv2 could do that seamlessly? > > Many Thanks, > -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] length of TRAFFIC_SELECTOR_SUBSTRUCTURE substructure list invalid
Hi Yogesh, are you using an unmodified strongSwan peer on the other side or a third party VPN product? If it is strongSwan, which version are you using? Could you also send the configuration of the CHILD SA? Regards Andreas On 29.10.2018 06:43, Yogesh Purohit wrote: > Adding subject line to my query > > On Mon, Oct 29, 2018 at 11:12 AM Yogesh Purohit > mailto:yogeshpuroh...@gmail.com>> wrote: > > Hi Team, > > I am trying to establish tunnel with my strongswan. > But after receiving IKE_AUTH response my local strongswan end > (initiator) rejects tunnel saying ' length of > TRAFFIC_SELECTOR_SUBSTRUCTURE substructure list invalid'. > > And I am unable to get the reason for the same. Because I have > configured traffic selectors matching. > > IKE_Auth response which is recived is of 252 bytes, whereas when my > tunnel was established in other case IKE_AUTH response was of 204 bytes. > NOTE: I am trying the tunnel with PSK and version is IKEv2. > > So is there fixed bytes of IKE_AUTH response which is expected by > strongswan for PSK. > > And what does 'length of TRAFFIC_SELECTOR_SUBSTRUCTURE substructure > list invalid' means, I tried finding it in RFC, but could not find > the same. > > > Thanks & Regards, > > Yogesh Purohit > > > > -- > Best Regards, > > Yogesh Purohit -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] PEAP
Hi Christian, add --enable-eap-mschapv2 as a configure option since MSCHAP-V2 based password authentication is done within the PEAP tunnel. Regards Andreas On 15.09.2018 11:38, Christian Salway wrote: > I'm trying to set up PEAP but getting an error. I connect to an NPS and > have enabled PEAP with MSCHAPv2 on the connection > > > Sep 15 09:31:39 16[IKE] sending tunneled EAP-PEAP AVP [EAP/REQ/ID] > Sep 15 09:31:39 16[ENC] generating IKE_AUTH response 8 [ EAP/REQ/PEAP ] > Sep 15 09:31:39 16[NET] sending packet: from 10.0.1.82[4500] to > 86.2.58.36[60210] (128 bytes) > Sep 15 09:31:39 04[NET] sending packet: from 10.0.1.82[4500] to > 86.2.58.36[60210] > Sep 15 09:31:39 03[NET] waiting for data on sockets > Sep 15 09:31:40 03[NET] received packet: from 86.2.58.36[60210] to > 10.0.1.82[4500] > Sep 15 09:31:40 06[NET] received packet: from 86.2.58.36[60210] to > 10.0.1.82[4500] (160 bytes) > Sep 15 09:31:40 06[ENC] parsed IKE_AUTH request 9 [ EAP/RES/PEAP ] > Sep 15 09:31:40 06[IKE] received tunneled EAP-PEAP AVP [EAP/RES/ID] > Sep 15 09:31:40 06[IKE] received EAP identity 'christian.salway' > Sep 15 09:31:40 06[IKE] phase2 method EAP_MSCHAPV2 selected > *Sep 15 09:31:40 06[IKE] EAP_MSCHAPV2 method not available* > Sep 15 09:31:40 06[ENC] generating IKE_AUTH response 9 [ EAP/REQ/PEAP ] > > > ./configure --prefix=/usr --sysconfdir=/etc \ > --enable-eap-identity --enable-eap-radius --enable-openssl \ > --enable-eap-peap > > NPS > > > > > > Windows 10 reports: > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] (no subject)
Hi Sandesh, RSA signature-based authentication can only be broken if the same RSA key is being used as for RSA encryption-based authentication and this RSA key is broken applying the Bleichenbacher oracle to RSA encryption-based authentication. Since strongSwan does not implement RSA encryption, the RSA key cannot be determined using the Bleichenbacher oracle and therefore IKEv1 and IKEv2 RSA signatures cannot be compromised. It has always been known that IKEv1 and IKEv2 PSK-based authentication can be broken with an offline attack if the PSK is too weak. This is why we recommend EAP-based user authentication with IKEv2 where the server must authenticate itself first PSKs with 128 bit cryptographic strength or more cannot be broken. Best regards Andreas On 03.09.2018 11:20, Sandesh Sawant wrote: > Hello Andreas, > > > Thanks for confirming that strongSwan isn't vulnerable to the mentioned > attack. > > > However the report claims to have exploits for PSK and RSA signature > based authentication also... Quoting from the report abstract: > > "We exploit a Bleichenbacher oracle in an IKEv1 mode, where RSA > > encrypted nonces are used for authentication. Using this > > exploit, we break these RSA encryption based modes, > > and in addition break RSA signature based authentication > > in both IKEv1 and IKEv2. Additionally, we describe > > an offline dictionary attack against the PSK (Pre-Shared > > Key) based IKE modes, thus covering all available authentication > > mechanisms of IKE." > > > Can you please confirm that strongSwan isn't vulnerable to the > Bleichenbacher attack against IKEv2 signature based auth and offline > dictionary attack mentioned for PSK based auth (irrespective of the PSK > chosen by the user)? > > > Thanks, > > Sandesh > > > On Fri, Aug 31, 2018 at 3:50 PM Andreas Steffen > mailto:andreas.stef...@strongswan.org>> > wrote: > > Hi Sandesh, > > strongSwan is not vulnerable to the Bleichenbacher oracle attack > since we did not implement the RSA encryption authentication variant > for IKEv1. > > Best regards > > Andreas > > On 31.08.2018 10:53, Sandesh Sawant wrote: > > Hi all, > > > > I came across below news about a paper enlisting attacks pertaining to > > IKE protocol, and want to know whether the latest version of trongSwan > > stack is vulnerable to the attacks mentioned in this > > > paper: > https://www.ei.rub.de/media/nds/veroeffentlichungen/2018/08/13/sec18-felsch.pdf > > References: > > > > https://latesthackingnews.com/2018/08/20/ipsec-vpn-connections-broken-using-20-year-old-flaw/ > > > > https://securityaffairs.co/wordpress/75352/hacking/key-reuse-ipsec-attack.html > > > > Thanks, > > Sandesh > == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] (no subject)
Hi Sandesh, strongSwan is not vulnerable to the Bleichenbacher oracle attack since we did not implement the RSA encryption authentication variant for IKEv1. Best regards Andreas On 31.08.2018 10:53, Sandesh Sawant wrote: > Hi all, > > I came across below news about a paper enlisting attacks pertaining to > IKE protocol, and want to know whether the latest version of trongSwan > stack is vulnerable to the attacks mentioned in this > paper: > https://www.ei.rub.de/media/nds/veroeffentlichungen/2018/08/13/sec18-felsch.pdf > References: > https://latesthackingnews.com/2018/08/20/ipsec-vpn-connections-broken-using-20-year-old-flaw/ > https://securityaffairs.co/wordpress/75352/hacking/key-reuse-ipsec-attack.html > > Thanks, > Sandesh ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] help with ext-auth plugin
Hello Amit,
your log says:
00[CFG] no script for ext-auth script defined, disabled
The ex-auth plugin description
https://wiki.strongswan.org/projects/strongswan/wiki/Ext-auth
or man strongswan.conf
charon.plugins.ext-auth.script []
Command to pass to the system shell for peer authorization.
Authorization is considered successful if the command executes
normally with an exit code of zero. For all other exit codes
IKE_SA authorization is rejected.
The following environment variables get passed to the script:
IKE_UNIQUE_ID: The IKE_SA numerical unique identifier.
IKE_NAME: The peer configuration connection name.
IKE_LOCAL_HOST: Local IKE IP address.
IKE_REMOTE_HOST: Remote IKE IP address.
IKE_LOCAL_ID: Local IKE identity.
IKE_REMOTE_ID: Remote IKE identity.
IKE_REMOTE_EAP_ID: Remote EAP or XAuth identity, if used.
Thus you have to define an authentication script in strongswan.conf:
charon {
plugins {
ext-auth {
script =
}
}
}
Regards
Andreas
On 02.08.2018 18:55, Amit Priyadarshi wrote:
>
> Hello Strongswan experts,
>
> I am a strongswan-rookie and need some experts advice here.
> I am trying to configure strongswan to use external auth script.
> i followed below steps.
>
> root@ampriyad-Inspiron-3558:/home/ampriyad/strongswan/strongswan-5.6.3#
> ./configure --enable-ext-auth
>
> then i went ahead and did a
> make followed by
> make install.
> When i lauched ipsec i got below run logs
> Note that the plug in "ext-auth" did not gt loaded.
>
> root@ampriyad-Inspiron-3558:/home/ampriyad/strongswan/strongswan-5.6.3#
> ipsec start --debug-all --nofork
> Starting strongSwan 5.6.3 IPsec [starter]...
> Loading config setup
> found netkey IPsec stack
> Attempting to start charon...
> 00[DMN] Starting IKE charon daemon (strongSwan 5.6.3, Linux
> 4.15.0-29-generic, x86_64)
> 00[CFG] loading ca certificates from '/usr/local/etc/ipsec.d/cacerts'
> 00[CFG] loading aa certificates from '/usr/local/etc/ipsec.d/aacerts'
> 00[CFG] loading ocsp signer certificates from
> '/usr/local/etc/ipsec.d/ocspcerts'
> 00[CFG] loading attribute certificates from '/usr/local/etc/ipsec.d/acerts'
> 00[CFG] loading crls from '/usr/local/etc/ipsec.d/crls'
> 00[CFG] loading secrets from '/usr/local/etc/ipsec.secrets'
> 00[CFG] no script for ext-auth script defined, disabled
> 00[LIB] loaded plugins: charon aes des rc2 sha2 sha1 md5 mgf1 random
> nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp
> dnskey sshkey pem fips-prf gmp curve25519 xcbc cmac hmac attr
> kernel-netlink resolve socket-default stroke vici updown xauth-generic
> counters
> 00[JOB] spawning 16 worker threads
>
> Please guide me on what did i miss?
>
> --
> Regards,
> Amit Priyadarshi
>
>
>
>
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[INS-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
Re: [strongSwan] Security Comparison
Hi Marco, actually X25519 DH group 31 has a security strength of 128 bits, similar to ECP-256, although the Curve25519 characteristics are much better than those of the ECP-256 NIST curve. The "Goldilocks" X448 (DH group 32) has a security strength of 224 bits which is half-way between 192 bits and 256 bits. strongSwan doesn't support X448 yet. Best regards Andreas On 20.07.2018 14:43, Marco Berizzi wrote: > Hi Tobias, > > I think this is an underestimated point. Deserves more attention. > >> The cryptographic strength of all ciphers in a cipher suite should be >> consistent. For instance, using AES-256 for ESP is basically wasted >> when using MODP-2048 because that has only an estimated strength of 112 >> bits (same for ECP-256 whose estimated strength is 128 bits). > > Adding your above remark to [3] would be extremely useful. > > According to this paper [1] MODP-1536 is broken (< 112 bits of security > strength), and according to this nist publication [2], the only way to > be consistent with AES-256 is ECP-521 (diffie hellmann group 21) or x25519 > (diffie hellmann group 31). > > The MODP-3072 or ECP-256 is the minimum for being consistent with AES-128. > > So a simple consistent table could be: > > AES-128 ==>> MODP-3072 or ECP-256 > AES-192 ==>> MODP-8192 or ECP-384 > AES-256 ==>> ECP521 or x25519 > > [1] > https://csrc.nist.gov/csrc/media/publications/sp/800-131a/rev-1/final/documents/sp800-131a_r1_draft.pdf > [2] > https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-57pt1r4.pdf > [3] > https://wiki.strongswan.org/projects/strongswan/wiki/SecurityRecommendations > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] strongSwan plugins - openssl and x509
Hi Divya, yes, if you don't need OCSP support then you can disable the x509 plugin in the presence of the openssl plugin. Regards Andreas On 11.07.2018 11:08, divya mohan wrote: > Hello, > > I found the below documentation at > https://wiki.strongswan.org/projects/strongswan/wiki/Pluginlist > > openssl - Crypto backend based on OpenSSL, provides > RSA/ECDSA/DH/ECDH/ciphers/hashers/HMAC/X.509/CRL/RNG > > x509 - Advanced X.509 plugin for parsing/generating X.509 > certificates/CRLs and OCSP messages > > One question here -- > > Is usage of x509 certificates supported by both the above plugins? > So, if I am enabling openssl plugin, can x509 plugin be disabled? > My use case requires using x509 certificates, without CRL or OCSP support. > > - Divya > -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] TPM2.0 and ESAPI
Cześć Piotr, yes, that's correct. Some practical ESAPI examples would help tremendously. Especially in the form of ESAPI-enabled tpm2-tools. Na razie Andreas On 04.07.2018 11:30, Piotr Parus wrote: > Dzień dobry/Cześć/Hello Andreas, > > Thanks for your quick answer. I understand from it, that switching to > ESAPI is possible but not in the nearest future as ESAPI is quite new > and require some significant time to learn how to use it. Am I correct? > > Pozdrowienia/Regards, > > Piotr Parus > > > > W dniu 26.06.2018 o 17:07, Andreas Steffen pisze: >> Cześć Piotr, >> >> I've been aware of the emerging ESAPI which is indeed offering increased >> security in the communication with the TPM 2.0 and [hopefully] easier >> session handling but I wanted to wait for the 2.0.0 stable release, >> which apparently happened 5 days ago. >> >> Porting the strongSwan tpm plugin to ESAPI would be made much easier if >> the tpm2-tools would also adopt the ESAPI session handling, thus >> offering example code on how the new API is supposed to be used. >> >> Pozdrowienia >> >> Andreas >> >> On 26.06.2018 08:35, Piotr Parus wrote: >>> Hello! >>> >>> From the source code I see that when strongswan uses TPM2.0 chip it >>> uses TSS System API (SAPI) without sessions. Does the strongswan >>> maintainers have plans to switch to Enhanced System API (ESAPI) which >>> enables easier session handling and encrypting transmission on the wire >>> to the TPM chip? >>> >>> Best regards, >>> >>> Piotr Parus >>> > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] TPM2.0 and ESAPI
Cześć Piotr, I've been aware of the emerging ESAPI which is indeed offering increased security in the communication with the TPM 2.0 and [hopefully] easier session handling but I wanted to wait for the 2.0.0 stable release, which apparently happened 5 days ago. Porting the strongSwan tpm plugin to ESAPI would be made much easier if the tpm2-tools would also adopt the ESAPI session handling, thus offering example code on how the new API is supposed to be used. Pozdrowienia Andreas On 26.06.2018 08:35, Piotr Parus wrote: > Hello! > > From the source code I see that when strongswan uses TPM2.0 chip it > uses TSS System API (SAPI) without sessions. Does the strongswan > maintainers have plans to switch to Enhanced System API (ESAPI) which > enables easier session handling and encrypting transmission on the wire > to the TPM chip? > > Best regards, > > Piotr Parus > -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] Checking X509 Extended Key Usage
Hi Sven,
the certificate policy must be contained in all certificates
of the X.509 trust chain. See the following example scenario:
https://www.strongswan.org/testing/testresults5dr/swanctl/rw-ed25519-certpol/
Regards
Andreas
On 20.06.2018 13:41, Sven Anders wrote:
> Am 20.06.2018 um 10:43 schrieb Andreas Steffen:
>> Hi Sven,
>>
>> you can use certificate policies which are based on OIDs.
>>
>> With swanctl.conf:
>>
>> remote {
>> auth = pubkey
>> cert_policy =
>> ...
>> }
>>
>> or with ipsec.conf:
>>
>> rightcertpolicy=
>
> Thanks for pointing me to the right direction. I missed this in the
> manual page.
>
> So the manual page states:
>
> left|rightcertpolicy =
>
> Comma separated list of certificate policy OIDs the peer's certificate must
> have.
> OIDs are specified using the numerical dotted representation. Not supported
> for IKEv1 connections prior to 5.0.0.
>
>
> If I use the following configuration:
>
> conn rw-config
> also = rw-base
> ike =
> aes256-sha2_256-prfsha256-modp1024-modp2048,aes256gcm16-prfsha384-modp3072!
> esp = aes256-sha2_256-prfsha256,aes256-sha1,aes256gcm16-modp3072!
> leftsubnet = 10.0.0.0/8 # Split tunnel config
> leftid = "vpn.mydomain.net" # Must match remote part on the client side
> leftcert = server.crt# The server certificate to use
> leftsendcert = always# not "never"
> left = 10.0.1.99
>
> rightdns = 10.0.0.10, 10.0.0.11
> rightsourceip = %static, %dynamic
> rightcertpolicy = 1.3.6.1.5.5.7.3.2
>
> conn ikev2-pubkey
> also = rw-config
> keyexchange = ikev2
> auto = add
>
> I cannot connect and I get the following output:
>
> 8235[CFG] ike config match: 1052 (10.0.1.99 89.28.111.222 IKEv2)
> 8235[CFG] candidate "ikev2-pubkey", match: 20/1/1052 (me/other/ike)
> 8235[CFG] selected peer config 'ikev2-pubkey'
> 8235[CFG] using certificate "CN=MYNAME"
> 8235[CFG] certificate "CN=MYNAME" key: 4096 bit RSA
> 8235[CFG] using trusted intermediate ca certificate "DC=local, DC=my-group,
> CN=MY-CA01"
> 8235[CFG] certificate "DC=local, DC=my-group, CN=MY-SUB-CA01" key: 4096 bit
> RSA
> 8235[CFG] using trusted ca certificate "CN=MY-ROOT-CA01"
> 8235[CFG] certificate "CN=MY-ROOT-CA01" key: 4096 bit RSA
> 8235[CFG] reached self-signed root ca with a path length of 1
> 8235[IKE] authentication of 'MYNAME@my-group.local' with RSA signature
> successful
> 8235[CFG] constraint requires cert policy 1.3.6.1.5.5.7.3.2
> 8235[CFG] selected peer config 'ikev2-pubkey' inacceptable: non-matching
> authentication done
> 8235[CFG] no alternative config found
>
> If I remove the "rightcertpolicy" line, I can connect without problems.
>
> Any ideas?
>
>> On 20.06.2018 09:49, Sven Anders wrote:
>>> Hi Andreas,
>>>
>>> Am 19.06.2018 um 18:47 schrieb Andreas Steffen:
>>>> Hi Sven,
>>>>
>>>> according to section 5.1.3.12. "ExtendedKeyUsage" of RFC 4945
>>>> "The Internet IP Security PKI Profile of IKEv1/ISAKMP, IKEv2, and PKIX"
>>>> the IPsec User EKU is deprecated:
>>>>
>>>>The CA SHOULD NOT include the ExtendedKeyUsage (EKU) extension in
>>>>certificates for use with IKE. Note that there were three IPsec-
>>>>related object identifiers in EKU that were assigned in 1999. The
>>>>semantics of these values were never clearly defined. The use of
>>>>these three EKU values in IKE/IPsec is obsolete and explicitly
>>>>deprecated by this specification. CAs SHOULD NOT issue certificates
>>>>for use in IKE with them. (For historical reference only, those
>>>>values were id-kp-ipsecEndSystem, id-kp-ipsecTunnel, and id-kp-
>>>>ipsecUser.)
>>>>
>>>> The only EKU flags our X.509 class supports are ocspSigning, ClientAuth,
>>>> and ServerAuth.
>>>
>>> yes I know, that "IPsec User" is deprecated (I expected this remark would
>>> come), but I used it as an example here. We want to use our own OIDs.
>>>
>>> Because the ExtendedKeyUsage is a just a list of OIDs and there are no
>>> restrictions I know of, we use this to differentiate between classes of
>>> certificates we issue.
>>>
>>> If this isn't supported, how can we use StrongSwan to distinguish between
>>> groups of certificate
Re: [strongSwan] Checking X509 Extended Key Usage
Hi Sven,
you can use certificate policies which are based on OIDs.
With swanctl.conf:
remote {
auth = pubkey
cert_policy =
...
}
or with ipsec.conf:
rightcertpolicy=
Best regards
Andreas
On 20.06.2018 09:49, Sven Anders wrote:
> Hi Andreas,
>
> Am 19.06.2018 um 18:47 schrieb Andreas Steffen:
>> Hi Sven,
>>
>> according to section 5.1.3.12. "ExtendedKeyUsage" of RFC 4945
>> "The Internet IP Security PKI Profile of IKEv1/ISAKMP, IKEv2, and PKIX"
>> the IPsec User EKU is deprecated:
>>
>>The CA SHOULD NOT include the ExtendedKeyUsage (EKU) extension in
>>certificates for use with IKE. Note that there were three IPsec-
>>related object identifiers in EKU that were assigned in 1999. The
>>semantics of these values were never clearly defined. The use of
>>these three EKU values in IKE/IPsec is obsolete and explicitly
>>deprecated by this specification. CAs SHOULD NOT issue certificates
>>for use in IKE with them. (For historical reference only, those
>>values were id-kp-ipsecEndSystem, id-kp-ipsecTunnel, and id-kp-
>>ipsecUser.)
>>
>> The only EKU flags our X.509 class supports are ocspSigning, ClientAuth,
>> and ServerAuth.
>
> yes I know, that "IPsec User" is deprecated (I expected this remark would
> come), but I used it as an example here. We want to use our own OIDs.
>
> Because the ExtendedKeyUsage is a just a list of OIDs and there are no
> restrictions I know of, we use this to differentiate between classes of
> certificates we issue.
>
> If this isn't supported, how can we use StrongSwan to distinguish between
> groups of certificates without using Sub-CAs?
> We cannot be the first with this requirement...
>
>> On 19.06.2018 18:22, Sven Anders wrote:
>>>
>>> We want to limit the usage of certificates by defining certain
>>> "Extended Key Usage" (EKU) flags to them.
>>>
>>> As an example, we want to set the "IPSec User" usage (1.3.6.1.5.5.7.3.7) and
>>> only allow connection via IPSec, if it is set. We may use some other flags
>>> out of our own space too.
>>>
>>> How can I check in StrongSwan, if a certain EKU exists?
>
>
> Regards
> Sven Anders
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[INS-HSR]==
Re: [strongSwan] Checking X509 Extended Key Usage
Hi Sven, according to section 5.1.3.12. "ExtendedKeyUsage" of RFC 4945 "The Internet IP Security PKI Profile of IKEv1/ISAKMP, IKEv2, and PKIX" the IPsec User EKU is deprecated: The CA SHOULD NOT include the ExtendedKeyUsage (EKU) extension in certificates for use with IKE. Note that there were three IPsec- related object identifiers in EKU that were assigned in 1999. The semantics of these values were never clearly defined. The use of these three EKU values in IKE/IPsec is obsolete and explicitly deprecated by this specification. CAs SHOULD NOT issue certificates for use in IKE with them. (For historical reference only, those values were id-kp-ipsecEndSystem, id-kp-ipsecTunnel, and id-kp- ipsecUser.) The only EKU flags our X.509 class supports are ocspSigning, ClientAuth, and ServerAuth. Best regards Andreas On 19.06.2018 18:22, Sven Anders wrote: > Hello! > > We want to limit the usage of certificates by defining certain > "Extended Key Usage" (EKU) flags to them. > > As an example, we want to set the "IPSec User" usage (1.3.6.1.5.5.7.3.7) and > only allow connection via IPSec, if it is set. We may use some other flags > out of our own space too. > > How can I check in StrongSwan, if a certain EKU exists? > > Regards > Sven Anders > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] Loading certificate fails
Oops, wasn't aware that my pki setup was using the openssl plugin even though I was loading the x509 plugin in front of the openssl plugin. Returning to the actual question whether "organisationName" with OID 2.5.4.10 is an "otherName" type we should support. Since the value type is encoded explicitly we could handle any otherName type we have a known OID for. Regards Andreas On 05.06.2018 14:38, Tobias Brunner wrote: Hi Andreas, L6 - generalNames: L7 - generalName: L8 - otherName: => 80 bytes @ 0xd78923 0: 06 03 55 04 0A A0 49 0C 47 67 65 6D 61 74 69 6B ..U...I.Ggematik 16: 20 47 65 73 65 6C 6C 73 63 68 61 66 74 20 66 C3 Gesellschaft f. 32: BC 72 20 54 65 6C 65 6D 61 74 69 6B 61 6E 77 65 .r Telematikanwe 48: 6E 64 75 6E 67 65 6E 20 64 65 72 20 47 65 73 75 ndungen der Gesu 64: 6E 64 68 65 69 74 73 6B 61 72 74 65 20 6D 62 48 ndheitskarte mbH L9 - type-id: 'O' L9 - value: => 73 bytes @ 0xd7892a 0: 0C 47 67 65 6D 61 74 69 6B 20 47 65 73 65 6C 6C .Ggematik Gesell 16: 73 63 68 61 66 74 20 66 C3 BC 72 20 54 65 6C 65 schaft f..r Tele 32: 6D 61 74 69 6B 61 6E 77 65 6E 64 75 6E 67 65 6E matikanwendungen 48: 20 64 65 72 20 47 65 73 75 6E 64 68 65 69 74 73 der Gesundheits 64: 6B 61 72 74 65 20 6D 62 48 karte mbH which is just being ignored. It actually isn't. pki --print only successfully parses the certificate if the openssl plugin is loaded, otherwise it fails right after the output you posted above. The x509 plugin isn't happy about the unparsed generalName (while parse_otherName() returns TRUE, no id_type or encoding is returned, so parse_generalName() eventually returns NULL, which causes x509_parse_generalNames() to fail). Regards, Tobias -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] Loading certificate fails
:6d:44:44:dc:3c:ad:50:5c:6e:ab:19:5e: 13:7d:ac:55:99:58:9d:fd:26:ed:29:97:b7:d5:ed:90:ee:de: 37:eb:32:9e:52:41:47:c2:54:a2:0c:b1:41:f3:0e:ab:07:d9: 3c:ae:d1:7f:b7:a6:72:12:ac:e1:61:50:b5:c3:ec:3c:6c:d4: e1:0d:72:47:31:b7:3f:10:22:0d:55:20:74:28:f6:ce:e3:65: d1:ea:51:92:39:84:ed:93:d1:23:fb:a6:b7:2a:2b:26:6c:79: 95:60:3a:b6:2f:99:c6:d5:19:50:89:8b:6e:d2:99:cb:70:9e: 36:1a:21:15:43:50:e6:8b:de:43:8d:80:0f:2c:a9:dd:21:e7: 1a:cb:01:42 If this certificate is used by our Test-Roadwarrior Charon.log contains: Jun 5 09:20:56 14[LIB] building CRED_CERTIFICATE - ANY failed, tried 1 builders Jun 5 09:20:56 14[CFG] loading certificate from 'my.C_NK_VPN.pem' failed Kind regards, Mike. -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] VICI and PSK
Hi Anthony,
use the load-shared() VICI command:
Load a shared IKE PSK, EAP, XAuth or NTLM secret into the daemon.
{
id =
type =
data =
owners = [
]
} => {
success =
errmsg =
}
Regards
Andreas
On 16.05.2018 17:58, Modster, Anthony wrote:
Hello
? how to configure VICI for PSK
Thanks
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Networked Solutions
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[INS-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
Re: [strongSwan] starting strongswan without starter
Hi Marco, you can put the following script https://github.com/strongswan/strongswan/blob/master/testing/hosts/default/etc/init.d/charon into /etc/init.d/ and either start and stop the charon daemon manually with service charon start|stop or put the a link to the script into the appropriate runlevel directories. Regards Andreas On 08.05.2018 11:33, Marco Berizzi wrote: Hello everyone, I have compiled strongswan on slackware linux with: --disable-stroke and the starter is not builded anymore. Slackware is one the the few distro which is not (yet) systemd based. Which is the correct way to start strongswan without 'ipsec start' ? -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] IKE_SA_INIT response with notification data missing
Hi Balaji, RFC 4739 "Multiple Authenticaton Exchanges in IKEv2" https://tools.ietf.org/html/rfc4739#section-3.1 defines the format of the MULTIPLE_AUTH_SUPPORT Notify Payload as 3.1. MULTIPLE_AUTH_SUPPORTED Notify Payload The MULTIPLE_AUTH_SUPPORTED notification is included in the IKE_SA_INIT response or the first IKE_AUTH request to indicate that the peer supports this specification. The Notify Message Type is MULTIPLE_AUTH_SUPPORTED (16404). The Protocol ID and SPI Size fields MUST be set to zero, and there is no data associated with this Notify type. So I don't understand why you expect notification data? Regards Andreas On 15.04.2018 04:42, Balaji Thoguluva Bapulal wrote: Dear users, I am trying to establish a IKEv2/IPsec tunnel from a security gateway towards strongswan with strongswan acting as a responder. In response to IKE_SA_INIT request packet, strongswan sends back IKE_SA_INIT response with a Notify payload of MULTIPLE_AUTH_SUPPORTED with notification data missing. I have attached the wireshark. It would be great if someone can explain why this behavior. [IKEv2]$ ipsec --version Linux strongSwan U5.3.0/K3.8.13-16.2.1.el6uek.x86_64 Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil, Switzerland See 'ipsec --copyright' for copyright information. The following is the configuration. config setup charondebug=all conn %default keyingtries=1 keyexchange=ikev2 reauth=no conn psk left=172.16.55.62 leftsourceip=%config% leftfirewall=no leftauth=psk leftsubnet=172.16.0.0/16 right=172.16.135.192 rightid=172.16.135.192 rightsubnet=172.16.0.0/16 rightauth=psk esp=3des-aes-sha1-md5-modp1024 ike=3des-sha1-md5-modp1024 auto=add type=tunnel Thanks, Balaji -- ====== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] Not Able to Connect
Hi,
if you want static virtual IPs then you can use one of the following two
mechanism:
https://www.strongswan.org/testing/testresults/ikev2/dhcp-static-client-id/
or
https://www.strongswan.org/testing/testresults/ikev2/dhcp-static-mac/
Just have a look at the console log how the DHCP server has to
be configured.
Regards
Andreas
On 29.03.2018 20:12, Info wrote:
>
> On 03/29/2018 10:21 AM, Andreas Steffen wrote:
>> Hi,
>>
>> yes you can fully integrate a remote host into a LAN by using the
>> farp and dhcp plugins on the VPN gateway so that the gateway
>> acts as an ARP proxy for the remote clients. Have a look at the
>> following example scenario based on swanctl:
>>
>> https://www.strongswan.org/testing/testresults/swanctl/dhcp-dynamic/
>>
>> In swanctl.conf
>>
>>
>> https://www.strongswan.org/testing/testresults/swanctl/dhcp-dynamic/moon.swanctl.conf
>>
>> use pools = dhcp and in strongswan.conf
>>
>>
>> https://www.strongswan.org/testing/testresults/swanctl/dhcp-dynamic/moon.strongswan.conf
>>
>> define the DCHP server to be used.
>>
>> Regards
>>
>> Andreas
> Thanks Andreas. You likely know (but for the benefit of others), things
> are done differently in RHEL. For the plugins normally loaded by
> /etc/strongswan/strongswan.conf, in the case of RHEL there's just a call to:
> charon {
> load_modular = yes
> plugins {
> include strongswan.d/charon/*.conf
> }
> }
>
> ... and in that directory there's a .conf for each plugin. Given the
> charon.log, all required plugins are already being loaded without my
> intervention (at least for charon, Idk about swanctl), including farp
> and dhcp. Since I no longer use the stroke plugin I set in its .conf
> file load = no. And in dhcp.conf I set server = 192.168.1.10 which
> will be the LAN DHCP server.
>
> Thing is since I run servers I've always used static IPs, so I'll have
> to figure out DHCP predictable assignment. But with the transition to
> IPV6 I will be using DHCP exclusively. (for the love of all that's holy)
>
>
>
>
>
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[INS-HSR]==
Re: [strongSwan] Not Able to Connect
Hi, yes you can fully integrate a remote host into a LAN by using the farp and dhcp plugins on the VPN gateway so that the gateway acts as an ARP proxy for the remote clients. Have a look at the following example scenario based on swanctl: https://www.strongswan.org/testing/testresults/swanctl/dhcp-dynamic/ In swanctl.conf https://www.strongswan.org/testing/testresults/swanctl/dhcp-dynamic/moon.swanctl.conf use pools = dhcp and in strongswan.conf https://www.strongswan.org/testing/testresults/swanctl/dhcp-dynamic/moon.strongswan.conf define the DCHP server to be used. Regards Andreas On 29.03.2018 18:57, Info wrote: > True. Although I infer that 'pools' might be address pools (as with > DHCP), I can find no evidence of this. And I now notice the 'pools' > definition further down. > > But I'd like this VPN to be 'transparent'. IOW I'd like my remote > machines and LAN members to use the same IP as they do in the LAN. If > possible I'd like to avoid virtual IPs. Is there any way to do this? > > And I gather that in the IPSec gateway for the LAN, I can define > different definitions for different remote machines, but I can't work > out how this would be structured with swanctl. I'd actually prefer to > keep the same definition for all remote initiators, but things may not > always work out like we want. > > Side question: I'm also in the process of transitioning the LAN to > IPV6. As my ISP will not foreseeably have IPV6 (Frontier Comm) I'll > need to use a tunnel broker. Will this be a problem with Strongswan, > and can the Android app do IPV6? > > > On 03/28/2018 02:35 PM, Andreas Steffen wrote: >> The connection setup gets now very far but finally fails because >> the pools defined by >> >> pools = primary-pool-ipv4, primary-pool-ipv6 >> >> don't seem be defined (have you added a pools section in swanctl.conf?) >> and therefore no virtual IP can be allocated to the initiator >> >> Wed, 2018-03-28 08:31 15[IKE] <ikev2-pubkey|1> >> peer requested virtual IP %any >> no virtual IP found for %any requested by 'C=US, O=Quantum >> CN=aries.darkmatter.org' >> peer requested virtual IP %any6 >> no virtual IP found for %any6 requested by 'C=US, O=Quantum >> CN=aries.darkmatter.org' >> no virtual IP found, sending INTERNAL_ADDRESS_FAILURE >> >> Regards >> >> Andreas >> >> On 28.03.2018 17:37, Info wrote: >>> I have no way of interpreting the syntax of these proposals as there's >>> no definitive description. Maybe '-' separates different options in a >>> category and ',' separates categories? But it also doesn't explain >>> "classic and combined-mode algos" nor not to mix them. I can't know >>> these things by instinct. >>> >>> Something else is wrong with the example. I copied it -exactly- (except >>> I used your esp_proposals), and the error log is attached. >>> >>> >>> >>> On 03/28/2018 02:21 AM, Andreas Steffen wrote: >>>> Hi, >>>> >>>> as your log explicitly says: >>>> >>>>> Tue, 2018-03-27 15:13 15[CFG] classic and combined-mode (AEAD) >>>>> encryption algorithms can't be contained in the same IKE proposal >>>> Thus instead of >>>> >>>> esp_proposals = >>>>> aes192gcm16-aes128gcm16-aes192-ecp256,aes192-sha256-modp3072,default >>>> you must define >>>> >>>> esp_proposals = >>>> aes192gcm16-aes128gcm16-ecp256,aes192-sha256-ecp256-modp3072,default >>>> >>>> Regards >>>> >>>> Andreas >>>> > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] Not Able to Connect
The connection setup gets now very far but finally fails because the pools defined by pools = primary-pool-ipv4, primary-pool-ipv6 don't seem be defined (have you added a pools section in swanctl.conf?) and therefore no virtual IP can be allocated to the initiator Wed, 2018-03-28 08:31 15[IKE] <ikev2-pubkey|1> peer requested virtual IP %any no virtual IP found for %any requested by 'C=US, O=Quantum CN=aries.darkmatter.org' peer requested virtual IP %any6 no virtual IP found for %any6 requested by 'C=US, O=Quantum CN=aries.darkmatter.org' no virtual IP found, sending INTERNAL_ADDRESS_FAILURE Regards Andreas On 28.03.2018 17:37, Info wrote: > I have no way of interpreting the syntax of these proposals as there's > no definitive description. Maybe '-' separates different options in a > category and ',' separates categories? But it also doesn't explain > "classic and combined-mode algos" nor not to mix them. I can't know > these things by instinct. > > Something else is wrong with the example. I copied it -exactly- (except > I used your esp_proposals), and the error log is attached. > > > > On 03/28/2018 02:21 AM, Andreas Steffen wrote: >> Hi, >> >> as your log explicitly says: >> >>> Tue, 2018-03-27 15:13 15[CFG] classic and combined-mode (AEAD) >>> encryption algorithms can't be contained in the same IKE proposal >> Thus instead of >> >> esp_proposals = >>> aes192gcm16-aes128gcm16-aes192-ecp256,aes192-sha256-modp3072,default >> you must define >> >> esp_proposals = >> aes192gcm16-aes128gcm16-ecp256,aes192-sha256-ecp256-modp3072,default >> >> Regards >> >> Andreas >> > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] Not Able to Connect
LOWFISH_CBC_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_SHA1_96/AES_XCBC_96/HMAC_MD5_96/NO_EXT_SEQ > Tue, 2018-03-27 15:26 15[CFG] local_ts = 0.0.0.0/0 ::/0 > Tue, 2018-03-27 15:26 15[CFG] remote_ts = dynamic > Tue, 2018-03-27 15:26 15[CFG] hw_offload = 0 > Tue, 2018-03-27 15:26 15[CFG] sha256_96 = 0 > Tue, 2018-03-27 15:26 15[CFG] version = 2 > Tue, 2018-03-27 15:26 15[CFG] local_addrs = %any > Tue, 2018-03-27 15:26 15[CFG] remote_addrs = %any > Tue, 2018-03-27 15:26 15[CFG] local_port = 500 > Tue, 2018-03-27 15:26 15[CFG] remote_port = 500 > Tue, 2018-03-27 15:26 15[CFG] send_certreq = 1 > Tue, 2018-03-27 15:26 15[CFG] send_cert = CERT_SEND_IF_ASKED > Tue, 2018-03-27 15:26 15[CFG] mobike = 1 > Tue, 2018-03-27 15:26 15[CFG] aggressive = 0 > Tue, 2018-03-27 15:26 15[CFG] dscp = 0x00 > Tue, 2018-03-27 15:26 15[CFG] encap = 0 > Tue, 2018-03-27 15:26 15[CFG] dpd_delay = 30 > Tue, 2018-03-27 15:26 15[CFG] dpd_timeout = 0 > Tue, 2018-03-27 15:26 15[CFG] fragmentation = 2 > Tue, 2018-03-27 15:26 15[CFG] unique = UNIQUE_NO > Tue, 2018-03-27 15:26 15[CFG] keyingtries = 1 > Tue, 2018-03-27 15:26 15[CFG] reauth_time = 0 > Tue, 2018-03-27 15:26 15[CFG] rekey_time = 0 > Tue, 2018-03-27 15:26 15[CFG] over_time = 0 > Tue, 2018-03-27 15:26 15[CFG] rand_time = 0 > Tue, 2018-03-27 15:26 15[CFG] proposals = > IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/3DES_CBC/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_MD5_96/HMAC_SHA1_96/AES_XCBC_96/AES_CMAC_96/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_MD5/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/MODP_3072/MODP_4096/MODP_8192/MODP_2048/MODP_1024, > IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CAMELLIA_CCM_16_128/CAMELLIA_CCM_16_192/CAMELLIA_CCM_16_256/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/CAMELLIA_CCM_8_128/CAMELLIA_CCM_8_192/CAMELLIA_CCM_8_256/CAMELLIA_CCM_12_128/CAMELLIA_CCM_12_192/CAMELLIA_CCM_12_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_MD5/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/MODP_3072/MODP_4096/MODP_8192/MODP_2048/MODP_1024 > Tue, 2018-03-27 15:26 15[CFG] local: > Tue, 2018-03-27 15:26 15[CFG] id = cygnus.darkmatter.org > Tue, 2018-03-27 15:26 15[CFG] remote: > Tue, 2018-03-27 15:26 15[CFG] added vici connection: ikev2-pubkey > Tue, 2018-03-27 15:26 07[CFG] vici client 1 disconnected > > > So long story short, the reason that no one can get swanctl actually > working is that the docs are chaotic and busted. I say again: the docs > and examples do not work for swanctl. Docs are supposed to make it > possible to get something to function, without the destructive > condescension of frustrated fuctionaries with low self-esteem. But > apparently some like it this way. == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] Cipher Suite proposals changed in the course of 5.6.0 to 5.6.2
Hi Rolf, the correct syntax is ike=aes256-sha1-modp1024 Regards Andreas On 19.03.2018 02:08, Dr. Rolf Jansen wrote: > I tried already adding the following line to my ipsec.conf: > >ike = AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024 > > But as expected, this did not work because the syntax for specifying the > ciphers is different from the syntax for the actually used proposals. I > searched half the day for sort of a translation table or translation aid > before I gave up and simply patched the sources. > > That said, what would be the correct ike directive for getting charon simply > to accept the above proposal? > > Thank you ver much > > Rolf Jansen > > >> Am 18.03.2018 um 20:01 schrieb Noel Kuntze >> <noel.kuntze+strongswan-users-ml@thermi.consulting>: >> >> Hello, >> >> I know that everything looks like a nail, if you only got a hammer, but you >> only needed to add a corresponding ike and/or esp line in ipsec.conf to >> configure the right ciphers for that particular IKE SA configuration. The >> ciphers were removed because they were insecure and now there's an RFC for >> that. Take a look at the UsableExamples page. >> >> Kind regards >> >> Noel >> >> On 18.03.2018 23:48, Dr. Rolf Jansen wrote: >>> I am still using an iPhone 4 with iOS 7.1.2 which cannot be updated to a >>> more recent iOS. >>> >>> When I am on travel, I use the builtin L2TP/IPsec client in order to >>> connect to my FreeBSD home server providing the respective VPN service via >>> net/mpd5 + security/strongswan (both of which are installed from the ports >>> collection). >>> >>> After a recent update from strongSwan 5.6.0 to v5.6.2, my iPhone 4 cannot >>> connect anymore. In the server's log I see: >>> >>> Mar 18 18:33:05 example charon: 15[CFG] received proposals: >>> IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, >>> IKE:AES_CBC_256/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024, >>> IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, >>> IKE:AES_CBC_128/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024, >>> IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, >>> IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024 >>> Mar 18 18:33:05 example charon: 15[CFG] configured proposals: >>> IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_3072, >>> IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/3DES_CBC/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_SHA1_96/AES_XCBC_96/AES_CMAC_96/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048, >>> >>> IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048 >>> Mar 18 18:33:05 example charon: 15[IKE] no proposal found >>> >>> >>> I dug into the strongSwan sources, and I found, that some ciphers were >>> disabled. As a hot fix I added on my FreeBSD server a patch file to >>> /usr/ports/security/strongswan/files/patch-zz-add-classic-ciphers.local (s. >>> attachment), then I executed make deinstall install clean. For the time >>> being, this restored the iPhone 4 L2TP/IPsec connectivity. >>> >>> I know the iPhone 4 is almost 8 years old, however, mine looks like I >>> bought it yesterday, and the battery is still in a perfect shape, and I >>> don't want to buy a new one in the foreseeable future. Please may I ask to >>> pick the best cipher from the above list which iOS 7.1.2 is aware of, and >>> add it to the list of proposals which strongSwan wants to accept. >>> >>> Best regards >>> >>> Rolf Jansen >>> >> > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] Strongswan IPSec VPN is up but does not pass traffic
rd 0(sec) > expire use: soft 0(sec), hard 0(sec) > lifetime current: > 0(bytes), 0(packets) > add 2018-03-12 18:15:48 use - > tmpl src 10.39.63.211 dst 126.2.1.4 > proto esp spi 0x(0) reqid 1(0x0001) mode tunnel > level required share any > enc-mask auth-mask comp-mask > src 10.2.1.0/24 dst 192.168.199.0/24 uid 0 > dir fwd action allow index 74 priority 375424 share any flag > (0x) > lifetime config: > limit: soft (INF)(bytes), hard (INF)(bytes) > limit: soft (INF)(packets), hard (INF)(packets) > expire add: soft 0(sec), hard 0(sec) > expire use: soft 0(sec), hard 0(sec) > lifetime current: > 0(bytes), 0(packets) > add 2018-03-12 18:15:48 use - > tmpl src 126.2.1.4 dst 10.39.63.211 > proto esp spi 0x(0) reqid 1(0x0001) mode tunnel > level required share any > enc-mask auth-mask comp-mask > src 10.2.1.0/24 dst 192.168.199.0/24 uid 0 > dir in action allow index 64 priority 375424 share any flag > (0x) > lifetime config: > limit: soft (INF)(bytes), hard (INF)(bytes) > limit: soft (INF)(packets), hard (INF)(packets) > expire add: soft 0(sec), hard 0(sec) > expire use: soft 0(sec), hard 0(sec) > lifetime current: > 0(bytes), 0(packets) > add 2018-03-12 18:15:48 use - > tmpl src 126.2.1.4 dst 10.39.63.211 > proto esp spi 0x(0) reqid 1(0x0001) mode tunnel > level required share any > enc-mask auth-mask comp-mask > src 0.0.0.0/0 dst 0.0.0.0/0 uid 0 > socket in action allow index 59 priority 0 share any flag (0x) > lifetime config: > limit: soft 0(bytes), hard 0(bytes) > limit: soft 0(packets), hard 0(packets) > expire add: soft 0(sec), hard 0(sec) > expire use: soft 0(sec), hard 0(sec) > lifetime current: > 0(bytes), 0(packets) > add 2018-03-12 18:15:44 use 2018-03-12 18:34:33 > src 0.0.0.0/0 dst 0.0.0.0/0 uid 0 > socket out action allow index 52 priority 0 share any flag (0x) > lifetime config: > limit: soft 0(bytes), hard 0(bytes) > limit: soft 0(packets), hard 0(packets) > expire add: soft 0(sec), hard 0(sec) > expire use: soft 0(sec), hard 0(sec) > lifetime current: > 0(bytes), 0(packets) > add 2018-03-12 18:15:44 use 2018-03-12 18:34:28 > src 0.0.0.0/0 dst 0.0.0.0/0 uid 0 > socket in action allow index 43 priority 0 share any flag (0x) > lifetime config: > limit: soft 0(bytes), hard 0(bytes) > limit: soft 0(packets), hard 0(packets) > expire add: soft 0(sec), hard 0(sec) > expire use: soft 0(sec), hard 0(sec) > lifetime current: > 0(bytes), 0(packets) > add 2018-03-12 18:15:44 use 2018-03-12 18:34:39 > src 0.0.0.0/0 dst 0.0.0.0/0 uid 0 > socket out action allow index 36 priority 0 share any flag (0x) > lifetime config: > limit: soft 0(bytes), hard 0(bytes) > limit: soft 0(packets), hard 0(packets) > expire add: soft 0(sec), hard 0(sec) > expire use: soft 0(sec), hard 0(sec) > lifetime current: > 0(bytes), 0(packets) > add 2018-03-12 18:15:44 use 2018-03-12 18:34:39 > src ::/0 dst ::/0 uid 0 > socket in action allow index 27 priority 0 share any flag (0x) > lifetime config: > limit: soft 0(bytes), hard 0(bytes) > limit: soft 0(packets), hard 0(packets) > expire add: soft 0(sec), hard 0(sec) > expire use: soft 0(sec), hard 0(sec) > lifetime current: > 0(bytes), 0(packets) > add 2018-03-12 18:15:44 use - > src ::/0 dst ::/0 uid 0 > socket out action allow index 20 priority 0 share any flag (0x) > lifetime config: > limit: soft 0(bytes), hard 0(bytes) > limit: soft 0(packets), hard 0(packets) > expire add: soft 0(sec), hard 0(sec) > expire use: soft 0(sec), hard 0(sec) > lifetime current: > 0(bytes), 0(packets) > add 2018-03-12 18:15:44 use - > src ::/0 dst ::/0 uid 0 > socket in action allow index 11 priority 0 share any flag (0x) > lifetime config: > limit: soft 0(bytes), hard 0(bytes) > limit: soft 0(packets), hard 0(packets) > expire add: soft 0(sec), hard 0(sec) > expire use: soft 0(sec), hard 0(sec) > lifetime current: > 0(bytes), 0(packets) > add 2018-03-12 18:15:44 use - > src ::/0 dst ::/0 uid 0 > socket out action allow index 4 priority 0 share any flag (0x) > lifetime config: > limit: soft 0(bytes), hard 0(bytes) > limit: soft 0(packets), hard 0(packets) > expire add: soft 0(sec), hard 0(sec) > expire use: soft 0(sec), hard 0(sec) > lifetime current: > 0(bytes), 0(packets) > add 2018-03-12 18:15:44 use - > > > Thanks > > George -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] problem: fetching from hash_and_url
Hi Mike, you have to enable and build the curl plugin which in turn needs the libcurl header files provided e.g. by the libcurl4-openssl-dev Debian/Ubuntu package. make clean ./configure --enable-curl make sudo make install Regards Andreas On 01.03.2018 12:38, mike.ettr...@bertelsmann.de wrote: > Hi! > > > > We want to use certificate exchange by using a hash_and_url-server. > > > > What we found in the Charon-log is: > > > > Mar 1 11:37:45 08[CFG] <RU1-TI|4> fetching certificate from > 'http://146.185.113.20/99970a34dffce65a5fb9179d0a23212135b36197' ... > > Mar 1 11:37:45 08[LIB] <RU1-TI|4> unable to fetch from > http://146.185.113.20/99970a34dffce65a5fb9179d0a23212135b36197, no > capable fetcher found > > Mar 1 11:37:45 08[CFG] <RU1-TI|4> fetching certificate failed > > … > > Mar 1 11:37:45 08[ENC] <RU1-TI|4> generating IKE_AUTH response 1 [ > N(AUTH_FAILED) ] > > > > As I could find in the users-mailing-list a capable fetcher could be > provided by the curl-plugin. > > > > Our installations statusall shows: > > > > sudo ipsec statusall > > Status of IKE charon daemon (strongSwan 5.5.3, Linux > 4.4.103-6.38-default, x86_64): > > uptime: 54 minutes, since Mar 01 11:41:29 2018 > > malloc: sbrk 2969600, mmap 0, used 693088, free 2276512 > > worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, > scheduled: 0 > > loaded plugins: charon aes des rc2 sha2 sha1 md5 random nonce x509 > pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem fips-prf gmp > curve25519 xcbc cmac hmac attr kernel-netlink socket-default stroke vici > updown xauth-generic > > > > Do we need to install additional plugins? > > > > Kind regards, > > Mike. > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] pki --verify Command
Hi Jafar, "pki --verify" is a command that is not intended to be used very often. There are some rare cases where you might be in doubt whether a certificate trust chain is correct and therefore might want to check it out by usually increasing the debug level to 3. Thus no effort has been taken to automate the verification process for multi-level trust chains. You are free to propose and implement some extensions to the "pki --verify" command. Regards Andreas On 09.02.2018 22:10, Jafar Al-Gharaibeh wrote: > Hi, > > When invoking the "pki --verify" command, the user has to supply all > of the CA certs along the trust chain for the verification to take place > appropriately. This could be cumbersome if the trust chain is long > (>1). If there are CRLs, they also have to be supplied as well. If the > certificate store is known (default location for example such as > /etc/ipsec.d/), shouldn't this all be done automatically? i.e, once you > know the certificate to be verified, you can lookup the issuers all the > way up to the root CA with their associated CRLs. Is there any reason > why it doesn't work that way, other than nobody gotten around to doing it? > > Regards, > Jafar ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] Strongswan 5.5
Hi Rajeev, the private key itself does not pass the key integrity tests of the gpm plugin. How did you create the private RSA key? Regards Andreas On 07.02.2018 04:43, rajeev nohria wrote: > > > I am getting following error. > > writing RSA key > 11[LIB] key integrity tests failed > 11[LIB] building CRED_PRIVATE_KEY - RSA failed, tried 8 builders > > What could be wrong? I verified the certificate and private key from > following site and they matched. > > https://www.sslshopper.com/certificate-key-matcher.html > > > Thanks in advance, > > Rajeev > -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] Separate files for crt and key
Hi Marc, certificates and keys are always loaded from separate files (with the exemption of PKCS#12 containers). The certificates are loaded via leftcert|rightcert entries in ipsec.conf and keys are loaded via RSA|ECDSA entries in ipsec.secrets. The matching of certs and keys is done automatically by the strongSwan daemon. Regards Andreas On 26.01.2018 15:01, Marc Roos wrote: Is it possible to specify separate files for the crt and key? Something like leftcert=moonCert.crt leftkey=moonCert.key ??? conn rw-eap left=192.168.0.1 leftsubnet=10.1.0.0/16 leftid=@moon.strongswan.org leftcert=moonCert.pem leftauth=pubkey leftfirewall=yes rightid=*@strongswan.org rightauth=eap-md5 rightsendcert=never right=%any auto=add -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] dpd not getting triggered
Hi Kalyani, strongSwan uses NAT detection payloads in INFORMATIONAL messages with RFC 4555 MOBIKE which is enabled by default. See https://tools.ietf.org/html/rfc4555#section-3.8 Regards Andreas On 12.01.2018 07:16, Kalyani Garigipati (kagarigi) wrote: > Hi, > > > > Thanks a lot for the reply. It worked. I see the dpd triggering now. > > > > I am working on a case when dpd from strongswan sends the nat detection > payloads. > > I wanted to know upon which conditions strongswan would send dpd request > with nat_detection_src_ip and nat_detection_dst_ip. > > > > Is it done only in specific case like when strongswan is behind the nat > ? and strongswan is in remote-access-client ? > > > > Regards, > > kalyani > > > > *From:*bls s [mailto:bl...@outlook.com] > *Sent:* Friday, January 12, 2018 6:40 AM > *To:* Kalyani Garigipati (kagarigi) <kagar...@cisco.com>; > users@lists.strongswan.org > *Subject:* RE: [strongSwan] dpd not getting triggered > > > > By default dpdaction=none, which disables sending dpd messages. > > > > *From: *Kalyani Garigipati (kagarigi) <mailto:kagar...@cisco.com> > *Sent: *Thursday, January 11, 2018 10:47 AM > *To: *users@lists.strongswan.org <mailto:users@lists.strongswan.org> > *Subject: *[strongSwan] dpd not getting triggered > > > > Hi, > > I am using strongswan version 5.6.1 > I found that even though I configured dpd using dpddelay and dpdtimeout, > dpd is not getting triggered from strongswan client at all even though > there is no traffic passing. > Please let me know how to debug this. > > > config setup > charondebug=all > # crlcheckinterval=600 > # strictcrlpolicy=yes > # cachecrls=yes > # nat_traversal=yes > # charonstart=no > > conn %default > ikelifetime=100m > keylife=20m > rekeymargin=8m > keyingtries=1 > authby=psk > keyexchange=ikev2 > ike=aes256-sha256-modp1024 > esp=3des-sha1 > mobike=yes > dpddelay=5s > dpdtimeout=150s > > # Add connections here. > > # Add connections here. > conn net-net > left=10.127.47.104 > leftsubnet=10.127.47.104/32 > leftid=10.127.47.104 > right=10.104.108.110 > rightsubnet=10.104.108.110/32 > rightid=10.104.108.110 > auto=start > > ~ > Regards, > kalyani > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] OSCP
Hi Anthony, the OCSP server hostname contained in an authorityInfoAccess extension is resolved by the http fetcher plugin (usually libcurl) into an IP address. Thus the DNS resolver process is outside the scope of strongSwan. Regards Andreas On 18.12.2017 18:38, Modster, Anthony wrote: Hello Andreas If the OCSP URI is included in the authorityInfoAccess extension: ? How does strongswan obtain the IP address ? Does it need to have a DNS client installed on the host ? Can it support secure DNS Thanks -Original Message- From: Users [mailto:users-boun...@lists.strongswan.org] On Behalf Of Andreas Steffen Sent: Saturday, December 16, 2017 2:23 AM To: Modster, Anthony <anthony.mods...@teledyne.com>; users@lists.strongswan.org Subject: Re: [strongSwan] OSCP Hello Anthony, if the OCSP URI is not included via an authorityInfoAccess extension in the end entity certificate itself then an authority section defining an OCSP URI can be added to swanctl.conf as shown in the link below https://www.strongswan.net/testing/testresults/swanctl/ocsp-signer-cert/carol.swanctl.conf Regards Andreas On 16.12.2017 00:56, Modster, Anthony wrote: Hello ? how do we setup OSCP, when using VICI Is there a writeup for this item. ? what support tools are needed on the host Thanks -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] Autorisation in vici?
Hi Michael, in order to access the charon daemon via a vici UNIX socket you either must be root or if capability dropping is enabled and a vpn group is defined, you must be member of that vpn group. The latter case allows mortals to initiate and terminate connections without having root access to the configuration and secrets in swanctl.conf. In principle the VICI interface could be configured as a TCP network socket via the charon.plugins.vici.socket option in strongswan.conf. But because no authentication is required and TLS is currently not available we strongly advise against enabling vici network sockets. Best regards Andreas On 17.12.2017 14:58, Michael Schwartzkopff wrote: > Hi, > > > is there any kind of authentication / autorization in the vici > interface? Or does everybody that has access to the socket (or tcp > socket) full control over charon? > > > I did not find anything the docs. > > > Mit freundlichen Grüßen, > -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] OSCP
Hello Anthony, if the OCSP URI is not included via an authorityInfoAccess extension in the end entity certificate itself then an authority section defining an OCSP URI can be added to swanctl.conf as shown in the link below https://www.strongswan.net/testing/testresults/swanctl/ocsp-signer-cert/carol.swanctl.conf Regards Andreas On 16.12.2017 00:56, Modster, Anthony wrote: > Hello > > > > ? how do we setup OSCP, when using VICI > > > > Is there a writeup for this item. > > > > ? what support tools are needed on the host > > > > Thanks > > > -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] Validating Local Host Own Certificate
Hi Jafar, locally loaded certificates are always trusted. Regards Andreas On 07.12.2017 07:44, Jafar Al-Gharaibeh wrote: Hi, I have noticed that when configuring the local certificate in a connection via : leftcert=cert.pem The certificate is loaded and trusted without validating it through CA/trust-chains. Is this behavior documented anywhere? digging through documentation I only found old email references to this. Is this the expected behavior? Is there a way to force one's own certificate validation when loaded/used? i.e/ cert.pem above has to be validated through a CA tustchain. Thanks, Jafar -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] StrongSwan Android app, NO_PROPOSAL_CHOSEN error & Digital Ocean's VPN tutorial
Hi Alexander, could you increase the debug level to "cfg 2" on the server which would show the received and installed crypto algorithms. Regards Andreas On 20.11.2017 16:30, Bugakov, Alexander wrote: > Hello, > > I tried to install StrongSwan IKEv2 on DigitalOcean's freshly > configured server using this tutorial - > https://www.digitalocean.com/community/tutorials/how-to-set-up-an-ikev2-vpn-server-with-strongswan-on-ubuntu-16-04 > > I created fresh Ubuntu instance, got an IP address 128.199.36.88 and > followed all steps in the guide. I've saved server-root-ca.pem to my > Android phone and installed it. I obtained StrongSwan client from > Google Play and added profile, choosing the cert, and specifying my > password and login name. > > I am getting the following in the charon's log on Android: > > Nov 20 17:54:40 00[DMN] Starting IKE charon daemon (strongSwan > 5.6.1dr3, Android 7.0 - NRD90M/2017-10-01, MI 5s Plus - > Xiaomi/natrium/Xiaomi, Linux 3.18.31-perf-gb46523a, aarch64) > Nov 20 17:54:40 00[LIB] loaded plugins: androidbridge charon > android-log openssl fips-prf random nonce pubkey chapoly curve25519 > pkcs1 pkcs8 pem xcbc hmac socket-default revocation eap-identity > eap-mschapv2 eap-md5 eap-gtc eap-tls x509 > Nov 20 17:54:40 00[JOB] spawning 16 worker threads > Nov 20 17:54:40 10[IKE] initiating IKE_SA android[4] to 128.199.36.88 > Nov 20 17:54:40 10[ENC] generating IKE_SA_INIT request 0 [ SA KE No > N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] > Nov 20 17:54:40 10[NET] sending packet: from 10.220.173.129[46526] to > 128.199.36.88[500] (704 bytes) > Nov 20 17:54:40 09[NET] received packet: from 128.199.36.88[500] to > 10.220.173.129[46526] (36 bytes) > Nov 20 17:54:40 09[ENC] parsed IKE_SA_INIT response 0 [ N(NO_PROP) ] > Nov 20 17:54:40 09[IKE] received NO_PROPOSAL_CHOSEN notify error > > Here is the log on the server's side: > > Nov 20 14:49:01 vpn charon: 12[NET] received packet: from > 31.173.82.18[62259] to 128.199.36.88[500] (704 bytes) > Nov 20 14:49:01 vpn charon: 12[ENC] parsed IKE_SA_INIT request 0 [ SA > KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] > Nov 20 14:49:01 vpn charon: 12[IKE] 31.173.82.18 is initiating an IKE_SA > Nov 20 14:49:01 vpn charon: 12[IKE] remote host is behind NAT > Nov 20 14:49:01 vpn charon: 12[IKE] received proposals inacceptable > Nov 20 14:49:01 vpn charon: 12[ENC] generating IKE_SA_INIT response 0 > [ N(NO_PROP) ] > Nov 20 14:49:01 vpn charon: 12[NET] sending packet: from > 128.199.36.88[500] to 31.173.82.18[62259] (36 bytes) > Nov 20 14:54:38 vpn charon: 13[NET] received packet: from > 31.173.82.18[56711] to 128.199.36.88[500] (704 bytes) > Nov 20 14:54:38 vpn charon: 13[ENC] parsed IKE_SA_INIT request 0 [ SA > KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] > Nov 20 14:54:38 vpn charon: 13[IKE] 31.173.82.18 is initiating an IKE_SA > Nov 20 14:54:38 vpn charon: 13[IKE] remote host is behind NAT > Nov 20 14:54:38 vpn charon: 13[IKE] received proposals inacceptable > Nov 20 14:54:38 vpn charon: 13[ENC] generating IKE_SA_INIT response 0 > [ N(NO_PROP) ] > Nov 20 14:54:38 vpn charon: 13[NET] sending packet: from > 128.199.36.88[500] to 31.173.82.18[56711] (36 bytes) > N > > Here is my /etc/ipsec.conf: > > config setup > charondebug="ike 1, knl 1, cfg 0" > uniqueids=no > > conn ikev2-vpn > auto=add > compress=no > type=tunnel > keyexchange=ikev2 > fragmentation=yes > forceencaps=yes > ike=aes256-sha1-modp1024,3des-sha1-modp1024! > esp=aes256-sha1,3des-sha1! > dpdaction=clear > dpddelay=300s > rekey=no > left=%any > leftid=128.199.36.88 > leftcert=/etc/ipsec.d/certs/vpn-server-cert.pem > leftsendcert=always > leftsubnet=0.0.0.0/0 > right=%any > rightid=%any > rightauth=eap-mschapv2 > rightdns=8.8.8.8,8.8.4.4 > rightsourceip=10.10.10.0/24 > rightsendcert=never > eap_identity=%identity > > My /etc/ipsec.secrets contains: > > 128.199.36.88 : RSA "/etc/ipsec.d/private/vpn-server-key.pem" > vpnusername %any% : EAP "vpnpasswordredacted" > > What might be the issue? > > Thank you. > > A. > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] what the use (effect) of "righthostaccess=yes"
Hi Rajiv, if "left" is local and "right" is remote then only leftfirewall and lefthostaccess are defined. rightfirewall and righthostaccess are used when "right" is local and "left" is remote as in the following scenario where sides are swapped: https://www.strongswan.net/testing/testresults/ikev2/config-payload-swapped/ Regards Andreas On 20.11.2017 15:15, Rajiv Kulkarni wrote: Hi I have a ipsec tunnel deployed/configured as below: PC1(lan)[GW1](wan)=IPSEC(wan)[GW2](lan)---PC2 PC1-ipaddr: 192.168.22.x PC2-ipaddr: 192.168.25.x GW1-lan-ipaddr: 192.168.22.1 GW2-lan-ipaddr: 192.168.25.1 I see that to allow access to 192.168.22.1 from PC2 (via the ipsec tunnel) i should use the options "lefthostaccess=yes" (and also leftfirewall=yes) on GW1 And when we use the options..we have the following iptable rules added on GW1 (thru the updown script automatically whenever the tunnel is UP) --- root@lssimgw1:/usr/local/etc# iptables -nvL Chain INPUT (policy ACCEPT 52 packets, 4680 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- eth0 * 192.168.22.0/24 <http://192.168.22.0/24> 192.168.25.0/24 <http://192.168.25.0/24> policy match dir in pol ipsec reqid 1 proto 50 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- eth0 * 192.168.22.0/24 <http://192.168.22.0/24> 192.168.25.0/24 <http://192.168.25.0/24> policy match dir in pol ipsec reqid 1 proto 50 0 0 ACCEPT all -- * eth0 192.168.25.0/24 <http://192.168.25.0/24> 192.168.22.0/24 <http://192.168.22.0/24> policy match dir out pol ipsec reqid 1 proto 50 Chain OUTPUT (policy ACCEPT 40 packets, 3976 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * eth0 192.168.25.0/24 <http://192.168.25.0/24> 192.168.22.0/24 <http://192.168.22.0/24> policy match dir out pol ipsec reqid 1 proto 50 root@lssimgw1:/usr/local/etc# - so once we have the above fw rules in place in the INPUT/OUTPUT chain,..we can access the GW1-lan-ip from PC2 via the ipsec tunnel successfully... - The similar observation is also made for using the lefthostaccess option on GW2 too.. Now if i use "righthostaccess=yes"...i dont see any rules getting added in the INPUT/OUTPUT chain...neither in GW1 or in GW2 - So my query is: whats the use of the option "righthostaccess=yes"...where and when do we use this option? thanks & regards Rajiv -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] Remote Attestation through Cisco ASA
Hi Mario, if the Cisco ASA does not tunnel the strongSwan IKE traffic then just do remote attestation via the PT-TLS protocol. On the client side you can use the strongSwan pt-tls-client and on the server side add the tnc-pdp plugin listening on the PT-TLS TCP port 271 to the strongSwan charon daemon. Regards Andreas On 15.11.2017 23:22, Mario Maldonado wrote: Hi all, I wish to use StrongSwan for remote attestation through a Cisco ASA, eg: StrongSwan gateway 192.168.0.0/24 <http://192.168.0.0/24> ASA 192.168.1.0/24 <http://192.168.1.0/24> Device With no ASA I have successfully configured StrongSwan with remote attestation using the EAP-TTLS plugin. I have also managed to configure a StrongSwan connection to the ASA, giving me access to the 192.168.0.0/24 <http://192.168.0.0/24> subnet. I am then unable to bring up the attestation connection. I was hoping it would setup a tunnel within the ASA tunnel but from what I understand IKE traffic is exempt from the negotiated tunnel (preventing nested tunnels) and then blocked by the ASA. Is there a way around this / a nice way of achieving such a connection? Can I use StrongSwan for TNC integrity measurement without the tls tunnel? This way the TPM and IMA measurements can be sent through the ASA tunnel with no issues. From looking around the docs it looks like the only way of performing remote attestation is with the EAP-TTLS plugin? This would also be ideal as the traffic only has to be decrypted once by the device. Many thanks, Mario -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] No private key found
thentication: > > id: fc00:cada:c404:607::1001 > > remote public key authentication: > > gcpfc00:cada:c404::200: TRANSPORT, rekeying every 3600s > > local: fc00:cada:c404:607::1001/128[tcp] > > remote: 2017::5002/128[tcp] > > l2tpfc00:cada:c404::200: TRANSPORT, rekeying every 3600s > > local: fc00:cada:c404:607::1001/128[l2tp] > > remote: 2017::5002/128[l2tp] > > > > > root@E6kn-2016:# swanctl --list-certs > > > List of X.509 End Entity Certificates > > > subject: "C=US, O=ARRIS, OU=LOWELL, CN=00:33:5f:ab:8c:9e" > > issuer: "C=US, O=CableLabs, OU=TEST Device CA01, CN=TEST CableLabs > Device Certification Authority" > > validity: not before Sep 28 18:18:53 2017, ok > > not after Sep 28 18:18:53 2037, ok (expires in 7300 days) > > serial: dd:dc:09:21:36:f2:e8:71 > > authkeyId: f6:dc:40:8a:89:b6:7b:7a:08:f6:78:b5:4a:28:7a:7f:57:9b:f9:9b > > subjkeyId: 9d:c7:c5:20:f7:bf:0c:fb:39:d2:5d:a2:8f:73:37:f1:f3:e0:a4:f9 > > pubkey: RSA 2048 bits, has private key > > keyid: 8d:40:7d:fb:38:7b:4b:e2:fe:00:ba:72:6c:82:63:2b:6b:75:30:6e > > subjkey: 9d:c7:c5:20:f7:bf:0c:fb:39:d2:5d:a2:8f:73:37:f1:f3:e0:a4:f9 > > > List of X.509 CA Certificates > > > subject: "C=US, O=CableLabs, OU=TEST Device CA01, CN=TEST CableLabs > Device Certification Authority" > > issuer: "C=US, O=CableLabs, OU=TEST Root CA01, CN=TEST CableLabs > Root Certification Authority" > > validity: not before Dec 09 23:08:49 2014, ok > > not after Dec 09 23:08:49 2049, ok (expires in 11755 days) > > serial: a0:16:bc:73:85:0e:65:37 > > altNames: CN=SYMC-3072-5 > > flags: CA CRLSign > > pathlen: 0 > > authkeyId: 89:62:79:3d:b4:07:c9:f3:c6:97:59:dd:b6:dc:65:0b:33:54:ff:fb > > subjkeyId: f6:dc:40:8a:89:b6:7b:7a:08:f6:78:b5:4a:28:7a:7f:57:9b:f9:9b > > pubkey: RSA 3072 bits > > keyid: b7:98:32:e4:ae:30:02:57:f7:ad:cb:2b:37:41:17:9c:1b:9d:79:28 > > subjkey: f6:dc:40:8a:89:b6:7b:7a:08:f6:78:b5:4a:28:7a:7f:57:9b:f9:9b > > > subject: "C=US, O=CableLabs, OU=TEST Root CA01, CN=TEST CableLabs > Root Certification Authority" > > issuer: "C=US, O=CableLabs, OU=TEST Root CA01, CN=TEST CableLabs > Root Certification Authority" > > validity: not before Nov 11 17:19:44 2014, ok > > not after Nov 11 17:19:44 2064, ok (expires in 17206 days) > > serial: b1:b0:d3:be:83:ee:bf:e3 > > altNames: CN=MPKI-4096-1-206 > > flags: CA CRLSign self-signed > > subjkeyId: 89:62:79:3d:b4:07:c9:f3:c6:97:59:dd:b6:dc:65:0b:33:54:ff:fb > > pubkey: RSA 4096 bits > > keyid: bd:0e:4c:0f:21:cf:f0:49:af:19:34:3b:c2:64:c5:31:a1:2e:11:07 > > subjkey: 89:62:79:3d:b4:07:c9:f3:c6:97:59:dd:b6:dc:65:0b:33:54:ff:fb > > > > pki --print --type rsa-priv --in privKey.pem > > privkey: RSA 2048 bits > > keyid: 8d:40:7d:fb:38:7b:4b:e2:fe:00:ba:72:6c:82:63:2b:6b:75:30:6e > > subjkey: 9d:c7:c5:20:f7:bf:0c:fb:39:d2:5d:a2:8f:73:37:f1:f3:e0:a4:f9 > > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] Permission Denied error
Hi, try sudo -s ipsec pki --gen > caKey.der Regards Andreas On 19.09.2017 02:24, R. Masucci wrote: > I just got StrongSwan installed on Ubuntu 14.04 and I tried to create a > key using the instructions provided: > > ipsec pki --gen > caKey.der > > gets me the following error: > > > bash: caKey.der: Permission denied > > > I tried to run it with sudo and I get the same error. I assume the key > would be populated in: > > /etc/ipsec.d/private > > > Any help is appreciated! > > -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] nonce Length
Hi Jafar,
the mandatory nonce plugin is a nonce generator which returns
the requested number of random bytes. There are many other places in
the strongSwan code where nonces of variable size are needed
(e.g. for the IKE SPI or for the TLS client or server Hello).
Kind regards
Andreas
On 14.09.2017 17:28, Jafar Al-Gharaibeh wrote:
Hi Andreas,
Thanks for the quick and thorough answer. I did not find that piece
of information (nonce size) in the documentation, but as you noted about
the source code, I did download and dig through the source code
yesterday and came across the the 32 byte number. Thanks for confirming
that.
I also came across nonce plugin configuration:
nonce {
}
Is there really any thing configurable here or is that just there for
completeness?
Kind Regards,
Jafar
On 9/14/2017 1:56 AM, Andreas Steffen wrote:
Hi Jafar,
section 2.10 of IKEv2 RFC 7296 [1] states that
Nonces used in IKEv2
MUST be randomly chosen, MUST be at least 128 bits in size, and MUST
be at least half the key size of the negotiated pseudorandom function
(PRF). However, the initiator chooses the nonce before the outcome
of the negotiation is known. Because of that, the nonce has to be
long enough for all the PRFs being proposed.
This is why strongSwan generates nonces with a constant size of 32 bytes
(256 bits) as defined in nonce_payloads.h [2]
/**
* Nonce size in bytes for nonces sending to other peer.
*/
#define NONCE_SIZE 32
Best regards
Andreas
[1]https://tools.ietf.org/html/rfc7296#section-2.10
[2]https://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libcharon/encoding/payloads/nonce_payload.h;h=ee8ad17f789ed4fe6a2e3476fc710b79d74885aa;hb=HEAD#l30
On 13.09.2017 20:37, Jafar Al-Gharaibeh wrote:
Hi,
What is the default length of the nonce used to establish and rekey
IKE/Child SAs? is that based on the DH group? and is the length
configurable?
Thanks,
Jafar
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[INS-HSR]==
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Networked Solutions
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[INS-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
Re: [strongSwan] nonce Length
Hi Jafar, section 2.10 of IKEv2 RFC 7296 [1] states that Nonces used in IKEv2 MUST be randomly chosen, MUST be at least 128 bits in size, and MUST be at least half the key size of the negotiated pseudorandom function (PRF). However, the initiator chooses the nonce before the outcome of the negotiation is known. Because of that, the nonce has to be long enough for all the PRFs being proposed. This is why strongSwan generates nonces with a constant size of 32 bytes (256 bits) as defined in nonce_payloads.h [2] /** * Nonce size in bytes for nonces sending to other peer. */ #define NONCE_SIZE 32 Best regards Andreas [1]https://tools.ietf.org/html/rfc7296#section-2.10 [2]https://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libcharon/encoding/payloads/nonce_payload.h;h=ee8ad17f789ed4fe6a2e3476fc710b79d74885aa;hb=HEAD#l30 On 13.09.2017 20:37, Jafar Al-Gharaibeh wrote: > Hi, > >What is the default length of the nonce used to establish and rekey > IKE/Child SAs? is that based on the DH group? and is the length > configurable? > > Thanks, > Jafar ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] Default value of inactivity in ipsec.conf
Hi Terry, by default no inactivity timer is set. In the default case the CHILD SA exists until it expires. Regards Andreas On 12.09.2017 08:50, Terry Wang wrote: Hi folks, I've been assigned to review IPsec VPN deployment configurations (hundreds of strongSwan 5.3.2). I want to understand how CHILD_SAs are closed if there is no traffic sent or received. Based on: https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection `inactivity` defines the timeout interval after which a CHILD_SA (phase 2 SA) is closed if it does not send or receive any traffic. I've looked at the source code: * src/libcharon/config/child_cfg.c * src/libcharon/config/child_cfg.h There is no default value assigned to the variable inactivity (uint32_t). So how does charon (strongSwan) decide when to close a CHILD_SA if no traffic is sent/received. Thanks, Terry -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]==
Re: [strongSwan] Strongswan and TPM
Hi John, currently strongSwan supports signature keys residing in the NVRAM of the TPM 2.0, only. These can be accessed using the object handle range 0x8101. Private keys stored in the NVRAM of the TPM 2.0 have the big advantage that you can wipe the hard disk or SSD without irretrievably losing the keys. But as you correctly mention in principle an unlimited number of keys can be stored in encrypted form outside the TPM. With the TPM 2.0 you have to load them into NVRAM first, before you can do any signature operations. strongSwan does not support external keys, though. strongSwan does not offer any signature key support for the TPM 1.2. The TPM 1.2 can be used for attestation, only (implemented by the Attestion IMC dynamic library) where the TPM 1.2 loads an external attestation key blob and generates a Quote signature over a certain number of PCR registers. Hope this helps. Andreas On 31.08.2017 10:46, John Brown wrote: > Hi Tobias/Hi all, > After some reading I have a conclusion that TPM 2.0 can only be used > with strongswan 5.5.2 or newer. > The example that the strongswan wiki provides shows storing the keys > inside the tpm (as far as I understand the example correctly). But all > the tpm sources I've read states that the keys can also be stored > externally but in encrypted form by the tpm. Is this a general rule that > can also be used with strongswan? > Additionaly, an example shows usage with swanctl.conf. Can ipsec.conf be > also used? > > What about TPM 1.2? I've found that it is mentioned in TNC. But can I > use TPM 1.2 only for key storage in strongswan? If yes, which version of > strongswan is the oldest that can be used for this? > > Best regards, > John > > > 2017-07-18 12:46 GMT+02:00 John Brown <jb20141...@gmail.com > <mailto:jb20141...@gmail.com>>: > > Hi Tobias, > Thank you for your answer. I'm on the first stage of learning TPM > but as far as I understand the general rule the private key should > not be accessible and that was a reason that aforementioned log > message drew my attention. This wiki page I've read is the only way > I can learn TPM and strongswan cooperation or there are some more > detailed explanations somewhere how the process is going? > > Best regards, > John > > > 2017-07-18 12:05 GMT+02:00 Tobias Brunner <tob...@strongswan.org > <mailto:tob...@strongswan.org>>: > > Hi John, > > > and I conclude from this example, that private key stored in TPM is > > loaded to program memory the same way as if it was stored in a file > (log > > message: "...charon-systemd[21165]: loaded RSA private key from > token"). > > Am I correct? > > No, that's only the generic log message that you'll see for any > private > key loaded by the configuration backend, whether that private key is > actually loaded into memory or it's just a reference to a key > (as is the > case here). Private keys on PKCS#11 tokens or in a TPM can't be > accessed directly, so they never end up in memory. > > Regards, > Tobias > > > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] SHA1 vs SHA256
Hi Dusan, hmmm, our documentation says that the correct ESP SHA256_128 HMAC truncation was introduced with the 2.6.33 kernel but your kernel might not be a vanilla 2.6.36 kernel: https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites (ESP integrity algorithm footnote n) Regards Andreas On 04.08.2017 16:41, Dusan Ilic wrote: > Hi Andreas > > One side is 2.6.36 and the other 3.10.20 > > > Den 2017-08-04 kl. 12:48, skrev Andreas Steffen: >> Hi Dusan, >> >> this is a Linux kernel issue. Which kernel versions are you running >> on the two endpoints?. >> >> Regards >> >> Andreas >> >> On 04.08.2017 12:41, Dusan Ilic wrote: >>> Hi Noel, >>> >>> One side is Strongswan 5.2.2 and the other is 5.5.2. >>> How do I switch? >>> >>> >>> Den 2017-08-04 kl. 12:25, skrev Noel Kuntze: >>>> the remote peer probably uses the DRAFT variant of sha2-256, which >>>> uses 96 bit truncation. strongSwan uses the actual standardized >>>> variant that truncates to 128 bit. >>>> You can switch between the two in the newest version of strongSwan >>>> >>>> On 04.08.2017 12:23, Dusan Ilic wrote: >>>>> Hello! >>>>> >>>>> I have a strange issue, with both settings below the tunnel goes up >>>>> as it should, but only with SHA1 in ESP traffic goes through. When I >>>>> ping the remote client with ESP SHA256 it times out, even though the >>>>> tunnel reports as being up by Strongswan. >>>>> >>>>> Traffic working: >>>>> >>>>> ike=aes256-sha256-modp2048! >>>>> esp=aes128-sha1-modp2048! >>>>> >>>>> Traffic not working: >>>>> >>>>> ike=aes256-sha256-modp2048! >>>>> esp=aes256-sha256-modp2048! >>>>> >>>>> Below combo doesn't work either: >>>>> >>>>> ike=aes256-sha256-modp2048! >>>>> esp=aes128-sha256-modp2048! >>>>> >>>>> >>>>> Also, are above settings good? I'm having AES128 on ESP because with >>>>> AES256 I loose too much througput. Do you have any suggestions for >>>>> change? >>>>> >>>>> > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] SHA1 vs SHA256
Hi Dusan, this is a Linux kernel issue. Which kernel versions are you running on the two endpoints?. Regards Andreas On 04.08.2017 12:41, Dusan Ilic wrote: > Hi Noel, > > One side is Strongswan 5.2.2 and the other is 5.5.2. > How do I switch? > > > Den 2017-08-04 kl. 12:25, skrev Noel Kuntze: >> the remote peer probably uses the DRAFT variant of sha2-256, which >> uses 96 bit truncation. strongSwan uses the actual standardized >> variant that truncates to 128 bit. >> You can switch between the two in the newest version of strongSwan >> >> On 04.08.2017 12:23, Dusan Ilic wrote: >>> Hello! >>> >>> I have a strange issue, with both settings below the tunnel goes up >>> as it should, but only with SHA1 in ESP traffic goes through. When I >>> ping the remote client with ESP SHA256 it times out, even though the >>> tunnel reports as being up by Strongswan. >>> >>> Traffic working: >>> >>> ike=aes256-sha256-modp2048! >>> esp=aes128-sha1-modp2048! >>> >>> Traffic not working: >>> >>> ike=aes256-sha256-modp2048! >>> esp=aes256-sha256-modp2048! >>> >>> Below combo doesn't work either: >>> >>> ike=aes256-sha256-modp2048! >>> esp=aes128-sha256-modp2048! >>> >>> >>> Also, are above settings good? I'm having AES128 on ESP because with >>> AES256 I loose too much througput. Do you have any suggestions for >>> change? >>> >>> > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] charon unmet dependency on native android build
Hi Nathan, you are missing the nonce and sha1 plugins which are required for charon to start up successfully. Regards Andreas On 25.05.2017 01:37, Nathan Bahr wrote: Hello, I've been trying to cross compile strongswan to run on android natively and I am having trouble starting the charon daemon. The output I get is (I get the same log output if I do ipsec start instead of executing charon directly): root@kltetmo:/ # charon 00[DMN] Starting IKE charon daemon (strongSwan 5.5.2, Linux 3.4.0, armv7l) 00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet dependency: NONCE_GEN 00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon' has unmet dependency: HASHER:HASH_SHA1 00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon' has unmet dependency: HASHER:HASH_SHA1 00[LIB] failed to load 3 critical plugin features > 00[DMN] initialization failed - aborting charon root@kltetmo:/ # pki --help strongSwan 5.5.2 PKI tool loaded plugins: aes des rc2 sha2 sha1 md5 random x509 revocation pkcs1 pkcs7 pkcs8 pkcs12 dnskey sshkey pem gmp hmac == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
Re: [strongSwan] listen interface specification
wrote: Hi, I am using strongswan 5.1.2 on Ubuntu 14.04 and I need to specify the IP address on which to listen on. I found some ipsec.conf manpages (https://linux.die.net/man/5/ipsec.conf <https://linux.die.net/man/5/ipsec.conf>) which suggest a config item "listen", but strongswan 5.1.2 at least doesn't seem to have this option. Is there not a way to specify the listen IP address? In my case, this IP address is actually on the loopback interface. As long as I can specify the listen interface, I should be fine. config setup *listen=10.100.0.5* conn %default ikelifetime=60m keylife=20m rekeymargin=3m keyingtries=1 keyexchange=ikev2 authby=rsasig conn 10.10.10.8 type=transport left=10.100.0.5 leftcert=left.cert leftsendcert=always rightcert=right.cert right=10.10.10.8 auto=start */etc/ipsec.conf:7: unknown keyword 'listen' [10.100.0.5]* *unable to start strongSwan -- fatal errors in config* -- Piyush Agarwal Life can only be understood backwards; but it must be lived forwards. -- Piyush Agarwal Life can only be understood backwards; but it must be lived forwards. -- Piyush Agarwal Life can only be understood backwards; but it must be lived forwards. -- Piyush Agarwal Life can only be understood backwards; but it must be lived forwards. -- Piyush Agarwal Life can only be understood backwards; but it must be lived forwards. ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] remote_addrs with more than one IP address
Hi Vijaya, the functionality of multiple remote addresses, address ranges or address subnets is rather intended for use by the responder, allowing to restrict the hosts that are allowed to connect. Regards Andreas On 27.04.2017 13:20, Vijaya Venkatachalam wrote: > hi, > > I am using VICI strongswan interface to build an application to start an > IPsec connection. > Now in my configuration, I have specified two IP addresses in remote_addrs. > But when I initiate the connection, it only establishes connection with > the first IP address. > And if no ipsec is running on the first IP address, it does not fallback > on the second IP address. > > Does this mean currently there is no support for failover to the one or > more IP addresses specified in the remote_addrs list?? > > can you pls clarify this. > > cheers, > vijaya ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Security Associations
Hi Filip,
since you set up an IP route policy in the kernel, the first IP packet
from the 192.168.3.0/26 subnet with destination 10.2.0.0/24 will
trigger the IKEv2 negotiation an set up the active tunnel.
Regards
Andreas
On 06.04.2017 13:06, Filip Maroul wrote:
> Hello today I start configuring strangswan as net2net witj IKEv2. I
> think everything works so far and heve this ipsec statusall:
>
> Status of IKE charon daemon (strongSwan 5.2.1, Linux 3.16.0-4-amd64,
> x86_64):
> uptime: 17 minutes, since Apr 06 11:09:15 2017
> malloc: sbrk 1462272, mmap 0, used 298784, free 1163488
> worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0,
> scheduled: 0
> loaded plugins: charon aes rc2 sha1 sha2 md5 random nonce x509
> revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey
> pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve
> socket-default stroke updown
> Listening IP addresses:
> 192.168.100.200
> 192.168.3.59
> Connections:
> net-net: 192.168.100.200...192.168.101.154 IKEv2
> net-net: local: [neptun.test.local] uses pre-shared key
> authentication
> net-net: remote: [pluto.test.local] uses pre-shared key
> authentication
> net-net: child: 192.168.3.0/26 === 10.2.0.0/24 TUNNEL
> Routed Connections:
> net-net{1}: ROUTED, TUNNEL
> net-net{1}: 192.168.3.0/26 === 10.2.0.0/24
> Security Associations (0 up, 0 connecting):
> none
>
> Problem is I have no SA Associations.
>
>
> I attach conf file from both sites. I have strongswan 5.2.1 on Debian 8 x64
>
> Thank you for any help.
>
>
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[INS-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Config/Install compiled strongswan
Hi Di, could you provide a log of the daemon's startup which would show what actually fails? What does "swanctl --stats" or alternatively "ipsec statusall" show? Regards Andreas On 08.03.2017 02:07, 吕迪 wrote: > Hi Andreas, > > I tried the default setup, but it's still not binding to port 500. Is > there any other place I should look at? > > Thanks, > Di > > > 2017-03-07 14:36 GMT-08:00 Andreas Steffen > <andreas.stef...@strongswan.org <mailto:andreas.stef...@strongswan.org>>: > > Hi, > > selecting the --enable-all option is not a good idea. This might > lead to the loading of conflicting socket plugins preventing the > charon daemon of starting up at all. > > Couldn't you just start with the default setup > > ./configure --prefix=/usr --sysconfdir=/etc > make > sudo make install > > at the outset and enabling additional desired plugins later on? > > Regards > > Andreas > > On 07.03.2017 22:58, 吕迪 wrote: > > Hi, > > > > I tried to compile and install a strongswan on my computer by doing > > > >> ./configure --prefix=/usr --sysconfdir=/etc --enable-all > >> make > >> sudo make install > > , > > but the charon process is not binding to port 500 for ike when I do > > "sudo ipsec start". > > > > When I run "sudo lsof -i:500 -n -P", nothing shows up. > > > > Please give me some help on this, anything l missed or I should > configure? > > > > Thanks, > > Di > > == > Andreas Steffen > andreas.stef...@strongswan.org <mailto:andreas.stef...@strongswan.org> > strongSwan - the Open Source VPN Solution! > www.strongswan.org <http://www.strongswan.org> > Institute for Networked Solutions > HSR University of Applied Sciences Rapperswil > CH-8640 Rapperswil (Switzerland) > ===[INS-HSR]== > > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Config/Install compiled strongswan
Hi, selecting the --enable-all option is not a good idea. This might lead to the loading of conflicting socket plugins preventing the charon daemon of starting up at all. Couldn't you just start with the default setup ./configure --prefix=/usr --sysconfdir=/etc make sudo make install at the outset and enabling additional desired plugins later on? Regards Andreas On 07.03.2017 22:58, 吕迪 wrote: > Hi, > > I tried to compile and install a strongswan on my computer by doing > >> ./configure --prefix=/usr --sysconfdir=/etc --enable-all >> make >> sudo make install > , > but the charon process is not binding to port 500 for ike when I do > "sudo ipsec start". > > When I run "sudo lsof -i:500 -n -P", nothing shows up. > > Please give me some help on this, anything l missed or I should configure? > > Thanks, > Di == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Can strongSwan support 100k concurrent connections?
On 16.01.2017 20:39, Varun Singh wrote: On Mon, Jan 16, 2017 at 6:04 PM, Michael Schwartzkopff <m...@sys4.de> wrote: Am Montag, 16. Januar 2017, 20:06:45 schrieb Andreas Steffen: Hi Varun, we have customers who have successfully been running up to 60k concurrent tunnels. In order to maximize performance please have a look at the use of hash tables for IKE_SA lookup https://wiki.strongswan.org/projects/strongswan/wiki/IkeSaTable as well as job priority management https://wiki.strongswan.org/projects/strongswan/wiki/JobPriority We also recommend to use file-based logging since writing to syslog extremely slows down the charon daemon https://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration The bottleneck for IKE processing is the Diffie-Hellman key exchange where 70-80 % of the computing effort is spent. Use the ecp256 or the new curve25519 (available with strongSwan 5.5.2) DH groups for maximum performance. ESP throughput is limited by the number of available cores and the processor clock frequency. Use aes128gcm16 for maximum performance. Best regards Andreas On 16.01.2017 19:00, Varun Singh wrote: Hi, As I understand, strongSwan supports scalability from 4.x onwards. I am new to strongSwan and to VPN in general. I have setup a strongSwan 5.3.5 installed on Ubuntu 16.04LTS. Though I have read that strongSwan supports scalability, I couldn't find stats to support it. Before adopting strongSwan, my team wanted to know *if it can support upto 100k simultaneous connections*. Hence I need to find pointers to obtain this kind of information. hi, I think further scaling might be possible with loadbalancers. But this is topic of deeper investigation of the project. Mit freundlichen Grüßen, Michael Schwartzkopff -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64, +49 (162) 165 0044 Schleißheimer Straße 26/MG, 80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users Thanks Michael, I was just searching whether load balancing is supported by strongSwan or not. Came across this thread: https://lists.strongswan.org/pipermail/users/2013-November/005615.html But this didn't lead to any conclusion. So is load balancing supported by strongSwan? Have a look at strongSwan's High Availability (HA) solution https://wiki.strongswan.org/projects/strongswan/wiki/HighAvailability which can be run in an active-active mode where the load-balancing is achieved by Cluster IP. Andreas == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Android TNC server basic setup
Hi Mark, the strongTNC guide tells you how to create the config.db database: https://wiki.strongswan.org/projects/strongswan/wiki/StrongTnc#Initialize-PTS-Database Andreas On 15.01.2017 04:15, Mark M wrote: Andreas, The guides that I follow do not create the /etc/pts/config.db database? Thanks, Mark On Thursday, January 12, 2017 2:26 PM, Mark M <mark0...@yahoo.com> wrote: Andreas, Thank you for the info, Now when I follow the guide to install the policy manager I only get the default apache page. I am following this guide - https://wiki.strongswan.org/projects/strongswan/wiki/StrongTNC Thanks, Mark On Thursday, January 12, 2017 6:09 AM, Andreas Steffen <andreas.stef...@strongswan.org> wrote: Hi Mark, you can find a [little-outdated] TNC server configuration HOWTO under the following link: https://wiki.strongswan.org/projects/strongswan/wiki/TNCS In the meantime the TNC measurement policies are not hard-coded any more in /etc/strongswan.conf but can be configured via the strongTNC policy manager available from the strongSwan gitHub repository https://wiki.strongswan.org/projects/strongswan/wiki/StrongTnc The IMVs on the strongTNC server must now connect to the strongTNC /etc/pts/config.db database. A sample configuration can be found here https://wiki.strongswan.org/projects/strongswan/wiki/IMA#Set-up-the-Attestation-Server Hope this helps! Andreas On 11.01.2017 10:43, Mark M wrote: > Hi, > > I would like to setup a basic demo of the android client using TNC > connecting to a strongSwan server as show in in this guide - > https://wiki.strongswan.org/projects/strongswan/wiki/BYOD > > Is there a guide I can follow for a basic strongSwan server setup to > test out TNC with the android client? And is there anything special that > needs to be configured on the android client or does the android client > support TNC by default? > > Thanks, > > Mark ========== Andreas Steffen andreas.stef...@strongswan.org <mailto:andreas.stef...@strongswan.org> strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Android TNC server basic setup
Hi Mark, you can find a [little-outdated] TNC server configuration HOWTO under the following link: https://wiki.strongswan.org/projects/strongswan/wiki/TNCS In the meantime the TNC measurement policies are not hard-coded any more in /etc/strongswan.conf but can be configured via the strongTNC policy manager available from the strongSwan gitHub repository https://wiki.strongswan.org/projects/strongswan/wiki/StrongTnc The IMVs on the strongTNC server must now connect to the strongTNC /etc/pts/config.db database. A sample configuration can be found here https://wiki.strongswan.org/projects/strongswan/wiki/IMA#Set-up-the-Attestation-Server Hope this helps! Andreas On 11.01.2017 10:43, Mark M wrote: Hi, I would like to setup a basic demo of the android client using TNC connecting to a strongSwan server as show in in this guide - https://wiki.strongswan.org/projects/strongswan/wiki/BYOD Is there a guide I can follow for a basic strongSwan server setup to test out TNC with the android client? And is there anything special that needs to be configured on the android client or does the android client support TNC by default? Thanks, Mark == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Resubmission as plaintext - Strongswan with ESP-NULL and ESP-NONE , NULL encryption and NONE integrity
inside, IKE Peer 10.1.9.119 local Proxy Address 192.168.2.0, remote Proxy Address 0.0.0.0, Crypto map (outside_map) Jan 06 16:17:41 [IKEv1]IP = 10.1.9.119, Connection landed on tunnel_group 10.1.9.119 Jan 06 16:17:41 [IKEv1]Group = 10.1.9.119, IP = 10.1.9.119, Automatic NAT Detection Status: Remote end is NOT behind a NAT device This end is NOT behind a NAT device Jan 06 16:17:41 [IKEv1]IP = 10.1.9.119, Connection landed on tunnel_group 10.1.9.119 Jan 06 16:17:41 [IKEv1]Group = 10.1.9.119, IP = 10.1.9.119, PHASE 1 COMPLETED Jan 06 16:17:41 [IKEv1]Group = 10.1.9.119, IP = 10.1.9.119, Generating secret keys: unknown encryption algorithm! Jan 06 16:17:41 [IKEv1]Group = 10.1.9.119, IP = 10.1.9.119, Generating secret keys: unknown encryption algorithm! Jan 06 16:17:41 [IKEv1]Group = 10.1.9.119, IP = 10.1.9.119, Security negotiation complete for LAN-to-LAN Group (10.1.9.119) Initiator, Inbound SPI = 0x068a607a, Outbound SPI = 0xc86c05d2 Jan 06 16:17:41 [IKEv1]Group = 10.1.9.119, IP = 10.1.9.119, QM FSM error (P2 struct &0x76f85318, mess id 0x3345b948)! Jan 06 16:17:41 [IKEv1]Group = 10.1.9.119, IP = 10.1.9.119, Removing peer from correlator table failed, no match! Jan 06 16:17:41 [IKEv1]Group = 10.1.9.119, IP = 10.1.9.119, Session is being torn down. Reason: Unknown --- ASA with NULL-SHA: ciscoasa(config)# Jan 06 16:19:44 [IKEv1]IP = 10.1.9.119, Connection landed on tunnel_group 10.1.9.119 Jan 06 16:19:44 [IKEv1]Group = 10.1.9.119, IP = 10.1.9.119, Automatic NAT Detection Status: Remote end is NOT behind a NAT device This end is NOT behind a NAT device Jan 06 16:19:44 [IKEv1]IP = 10.1.9.119, Connection landed on tunnel_group 10.1.9.119 Jan 06 16:19:44 [IKEv1]Group = 10.1.9.119, IP = 10.1.9.119, PHASE 1 COMPLETED Jan 06 16:19:44 [IKEv1]Group = 10.1.9.119, IP = 10.1.9.119, Generating secret keys: unknown encryption algorithm! Jan 06 16:19:44 [IKEv1]Group = 10.1.9.119, IP = 10.1.9.119, Generating secret keys: unknown encryption algorithm! Jan 06 16:19:44 [IKEv1]Group = 10.1.9.119, IP = 10.1.9.119, Security negotiation complete for LAN-to-LAN Group (10.1.9.119) Initiator, Inbound SPI = 0xae679c9a, Outbound SPI = 0xcef968c7 Jan 06 16:19:44 [IKEv1]Group = 10.1.9.119, IP = 10.1.9.119, PHASE 2 COMPLETED (msgid=ee427ffd) --- 's == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] AH Transport AES CMAC PSK
Hi Gyula, the Linux kernel does not support AES_CMAC but strongSwan has IKE support via the cmac plugin which is enabled by default. Regards Andreas On 27.11.2016 14:46, Gyula Kovács wrote: > Hello, > > I tried to set up an ikev2/host2host-ah connectionwith pre-shared key. > The connection failed, when choosing aescmac as integrity algorithm. > The connection was successfully built up when choosing aesxcbc integrity > algorithm. > I tried this scenario on two Debian 8.6 VMs (kernel 3.16.0-4-586 with > CONFIG_CRYPTO_CMAC=m option set) with the latest StrongSwan (v5.5.1). > I checked the log files, and found "algorithm AES_CMAC_96 not supported > by kernel!" message. > Additionally, I found that AES-CMAC-96 is not supported by StrongSwan > (https://wiki.strongswan.org/projects/strongswan/wiki/IpsecStandards). > > From where comes this limitation? > Does it come from StrongSwan implementation or from Linux kernel (as > suggested by the error message)? > Does anybody have ideas? > > Best regards, > Gyula Kovacs ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] how to use 'rightca' connection option?
Hi John, could you send me a log file showing that a CA different from the CA requested by rightca is accepted? Best regards Andreas On 23.11.2016 16:41, John Brown wrote: Hello all, I'm using Linux strongSwan U5.2.1/K3.4.112 and I'm trying to implement rightca option in ipsec.conf file but without a success. As far as I understand the documentation, if rightca contains DN of a certificate authority which lies in the trust path from the end device cert to rootca, authentication process will pass (assuming that other elements are configured fine) otherwise will fail and this is the functionality I need. But in my scenario, whatever is the value of rightca, the authentication process pass with success. I've put rightca on the initiator of IKEv2 tunnel, root ca chain path lenght is 2 (root ca->sub1->sub2->end device cert). Currently only root ca is installed in /etc/ipsec.d/cacerts. Part of the connection config: conn lap1 auto=add left=%any right=192.168.1.1 rightsubnet=10.0.0.0/24 <http://10.0.0.0/24> ... leftauth=pubkey rightauth=pubkey leftcert=cert.crt rightid="CN=*, ST=S, C=Cccc, E=E@, O=Oo, L=Lll, OU=*, OU=Ouu" rightca="CN=aa, ST=aa, C=aa, E=aa, O=aa, L=aa, OU=aa, OU=aa" I've changed values of fields in righid, but rightca is taken from real config without modification. I'm probably missing something obvious, or does not understand this feature, but I have no idea, what this can be. Does anybody knows? Best regards, John, ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] triggering MOBIKE in strongswan
Hi Ravi, yes, your understanding is correct. Our MOBIKE example scenario https://www.strongswan.org/testing/testresults/ikev2/mobike/index.html shows the interface change: 13[IKE] peer supports MOBIKE 07[KNL] 192.168.0.50 disappeared from eth1 15[KNL] interface eth1 deactivated 16[KNL] fec0::5 disappeared from eth1 07[KNL] fe80::5054:ff:fe3b:cd7 disappeared from eth1 12[IKE] old path is not available anymore, try to find another 12[IKE] looking for a route to 192.168.0.2 ... 12[IKE] requesting address change using MOBIKE 12[ENC] generating INFORMATIONAL request 2 [ ] 12[IKE] checking path 10.1.0.10[4500] - 192.168.0.2[4500] 12[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.2[4500] (80 bytes) 12[IKE] checking path 10.1.0.10[4500] - 10.2.0.1[4500] 12[NET] sending packet: from 10.1.0.10[4500] to 10.2.0.1[4500] (80 bytes) 15[NET] received packet: from 192.168.0.2[4500] to 10.1.0.10[4500] (80 bytes) 15[ENC] parsed INFORMATIONAL response 2 [ ] 15[ENC] generating INFORMATIONAL request 3 [ N(UPD_SA_ADDR) N(NATD_S_IP) N(NATD_D_IP) N(COOKIE2) N(ADD_6_ADDR) ] 15[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.2[4500] (192 bytes) 13[NET] received packet: from 192.168.0.2[4500] to 10.1.0.10[4500] (160 bytes) 13[ENC] parsed INFORMATIONAL response 3 [ N(NATD_S_IP) N(NATD_D_IP) N(COOKIE2) ] Regards Andreas On 16.11.2016 15:54, Ravi Kanth Vanapalli wrote: > Hi, > >I wanted to know how is MOBIKE triggered in Strongswan. >I have setup an IKEv2 connection to the gateway with MOBIKE enabled. > I confirmed it from the logs. >My understanding of MOBIKE is, if the default route to the gateway is > changed i.e lets say from IP1 to IP2. IP1 is on interface 1 , IP2 is on > interface 2, UE triggers MOBIKE based IKE SA update to update the source > IP. strongswan doesn't bind to any specific interface for sending the > packets out to the ipsec gateway. > Could you please confirm if this understanding is correct. > > > -- > Regards, > > RaviKanth VN Vanapalli > Email: vvnrk.vanapa...@gmail.com <mailto:vvnrk.vanapa...@gmail.com> > > > ___ > Users mailing list > Users@lists.strongswan.org > https://lists.strongswan.org/mailman/listinfo/users > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] libhydra
Hi Joy, kernel_ipsec_t just defines a standardized strongSwan interface, but the actual interface code is in the plugins. So if you have an IPsec ESP implementation of your own, e.g. a HW accelerator then you have to write a plugin of your own. Best regards Andreas BTW - In the latest strongSwan releases libhydra doesn't exist any more. The functionality has been moved back to libcharon. On 15.11.2016 17:01, Joy Latten wrote: > Hi Tobias, > > Thank you! > So is it safe to conclude that without a plugin, libhydra does nothing? > (I think you get return of "NOT_SUPPORTED".) > And libhydra is required in order for charon/ike to manage SAs and SPs > with kernel. > > Again, thanks! > > regards, > Joy > > On 11/15/2016 01:53 AM, Tobias Brunner wrote: >> Hi Joy, >> >>> Any new plugin for talking >>> to the kernel would require a kernel_ipsec_t as well. Is this correct? >> >> Yes. >> >> Regards, >> Tobias >> > ___ > Users mailing list > Users@lists.strongswan.org > https://lists.strongswan.org/mailman/listinfo/users > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Why doesn't table 220 change forwarded packets source IP address?
Hi Richard, the table 220 source IP routing rule applies to packets originating from the VPN gateway itself, only . If you want roadwarriors from a subnet behind the GW to assume this address then you have to NAT them to the GW's address. Since the table 220 rule usually maps the GW's source address to the local interface on the subnet I don't see the sense of the roadwarriors belonging to this subnet to assume the gateway's internal address. Regards Andreas On 05.11.2016 18:01, Richard Chan wrote: Hi, in the roadwarrior configuration, from a conceptual point of view, why doesn't table 220 change the source IP address of forwarded packets (say the roadwarrior has a subnet behind it)? # ip ro sho table 220 10.0.0.0/8 <http://10.0.0.0/8> via 192.168.1.1 dev eth0 proto static src 10.2.0.3 # ip rule show 0: from all lookup local 220:from all lookup 220 32766: from all lookup main 32767: from all lookup default roadwarrior has a separate subnet 192.168.2.0/24 <http://192.168.2.0/24> and is forwarding/NAT'ing packets. When I ping a host on the central site LAN - OUTPUT chain sees the source IP address as 10.2.0.3 (table 220 is working!) - FORWARD chain sees the source IP address as 192.168.2.X (host cannot be reached until these packets are SNAT'ed to 10.2.0.3) Richard Chan ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
[strongSwan] Testing
Testing the availability of the strongSwan mailing list server. Please disregard Andreas == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Abbreviations
Hi Brian, CPRQ stands for Configuration Payload Request and CPRP for Configuration Payload Response. The following link defines the long and short form for the various IKE payloads: https://github.com/strongswan/strongswan/blob/master/src/libcharon/encoding/payloads/payload.c and here the same for the notifications https://github.com/strongswan/strongswan/blob/master/src/libcharon/encoding/payloads/notify_payload.c and for the configuration attributes https://github.com/strongswan/strongswan/blob/master/src/libcharon/attributes/attributes.c Regards Andreas On 13.10.2016 09:41, Brian O'Connor wrote: Hi, In the logging output of IKE exchanges, the terms [ HASH CPRQ(X_USER X_PWD) ] [ HASH CPRP(X_USER X_PWD) ] are often encountered. What does CPRQ and CPRP stand for, please? Is there a dictionary of strongSwan abbreviations somewhere? TIA, Brian ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Duplicate log entries using default configuration
Hi James,
yes, with systemd and journalctl active you have to remove the
syslog daemon section from strongswan.conf. If you want to change
the defaults of the systemd logging you can do this in a charon.journal
section in strongswan.conf. And I personally prefer an additional
level 0 output going to auth.log. Here is an example of mine:
charon-systemd {
journal {
default = 1
tnc = 2
imv = 2
pts = 2
}
syslog {
auth {
default = 0
}
}
}
Best regards
Andreas
On 12.10.2016 08:48, James Birkett wrote:
Out of the box I seem to get every log message from strongswan
duplicated, once logged by "charon", then again by "strongswan" after a
delay, e.g.
Oct 10 12:26:32 sapphire charon: 05[ENC] generating INFORMATIONAL_V1
request 1411728704 [ HASH N(DPD) ]
followed later by:
Oct 10 12:29:32 sapphire strongswan[19104]: 05[ENC] generating
INFORMATIONAL_V1 request 1411728704 [ HASH N(DPD) ]
I believe this is because the systemd unit file (strongswan.service) has
the line:
StandardOutput=syslog, causing systemd to relay everything to syslog,
but the default /etc/strongswan/strongswan.d/charon-logging.conf also
has a syslog section so charon logs directly to syslog itself as well.
I suspect the delay between the two copies of the log entries may be
related to buffering on standard out, since the logs from "strongswan"
always appear in batches with the same timestamp, but I'm not sure.
In my case I'm using strongswan-5.4.0 on Centos 7 from EPEL
http://koji.fedoraproject.org/koji/buildinfo?buildID=774748 but I have
checked the strongswan 5.5 tarball and it appears the systemd unit file
and charon-logging.conf are unchanged.
I'm not really sure if this is a bug or something specific to my syslog
configuration, but given that charon is logging to syslog itself in the
default configuration, would it make more sense to set "StandardOutput =
null" from the unit file instead? I have made this change on my own
system and it appears to have the desired result.
Thanks,
James Birkett
Scanned by CyberHound <http://cyberhound.com/>
*Confidentiality Notice:* This email, including any attachments, is
confidential and may be privileged. If you are not the intended
recipient please notify the sender immediately and delete it. You should
not copy it or use it for any purpose or disclose its contents to any
other person without CyberHound's prior written permission. CyberHound
Pty Ltd reserves the right to monitor all email communications passing
through its networks and devices.
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
--
==========
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[ITA-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] initialzing EAP TLS peer with a different IDi than the IDi used in teh first IKE AUTH message
aaa_identity is used by an EAP client to verify the identity in the TLS server certificate if it is different from the IKEv2 server certificate. Regards Andreas On 11.10.2016 13:36, Ravi Kanth Vanapalli wrote: > Adding option (3) here. > > 3) auth->add(auth, AUTH_RULE_AAA_IDENTITY, id) > > Which of the following identities (1),2 or 3 is used to fetch the > private key in EAP_TLS authentcation. > > > On Tue, Oct 11, 2016 at 7:28 AM, Ravi Kanth Vanapalli > <vvnrk.vanapa...@gmail.com <mailto:vvnrk.vanapa...@gmail.com>> wrote: > > Sure Andreas. Thank you for this valuable input. I will give a try. > > Could you please confirm the difference between 1 and 2 below > > 1) auth->add(auth, AUTH_RULE_IDENTITY, id); > 2) auth->add(auth, AUTH_RULE_EAP_IDENTITY, id); > > My understanding is that (1) is used to fill the IDi in the first > IKE_AUTH message. > Second one is used for Identitiy verification in EAP methods. eg. > EAP-TLS uses identity added in AUTH_RULE_EAP_IDENTITY for fetching > the private certificate. > (1) and (2) can be different. > > Kindly confirm that my understanding is correct. > > Thanks, > Ravikanth > > On Tue, Oct 11, 2016 at 3:54 AM, Andreas Steffen > <andreas.stef...@strongswan.org > <mailto:andreas.stef...@strongswan.org>> wrote: > > Hi Ravi, > > why don't you use the eap_identity parameter? > > Regards > > Andreas > > On 10.10.2016 22:13, Ravi Kanth Vanapalli wrote: > > Hi all, > > > > I have a situation wherein I need to alter the IDi slightly > before the > > EAP-TLS authentication proceeds. I.e IDi in the first IKE_AUTH > message > > should be different to IDi to be used for user private key > lookup in the > > EAP-TLS user authentication. > > > > I see that the API 'eap_tls_create_peer' is being used, to > initialize > > the peer identitiy in TLSplugin. > > This is being registered with plugin eap_tls_plugin.c > > > > I am finding it difficult to know which module calls this API > > eap_tls_create_peer to initialize EAP TLS peer identity. > > > > Kindly provide any inputs regarding my issue. > > > > Thank you very much. > > > > -- > > Regards, > > RaviKanth > > == > Andreas Steffen > andreas.stef...@strongswan.org > <mailto:andreas.stef...@strongswan.org> > strongSwan - the Open Source VPN Solution! > www.strongswan.org <http://www.strongswan.org> > Institute for Internet Technologies and Applications > University of Applied Sciences Rapperswil > CH-8640 Rapperswil (Switzerland) > ===========[ITA-HSR]== > > > > > -- > Regards, > > RaviKanth VN Vanapalli > Email: vvnrk.vanapa...@gmail.com <mailto:vvnrk.vanapa...@gmail.com> > > > > > -- > Regards, > > RaviKanth VN Vanapalli > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] initialzing EAP TLS peer with a different IDi than the IDi used in teh first IKE AUTH message
Hi Ravi, why don't you use the eap_identity parameter? Regards Andreas On 10.10.2016 22:13, Ravi Kanth Vanapalli wrote: > Hi all, > > I have a situation wherein I need to alter the IDi slightly before the > EAP-TLS authentication proceeds. I.e IDi in the first IKE_AUTH message > should be different to IDi to be used for user private key lookup in the > EAP-TLS user authentication. > > I see that the API 'eap_tls_create_peer' is being used, to initialize > the peer identitiy in TLSplugin. > This is being registered with plugin eap_tls_plugin.c > > I am finding it difficult to know which module calls this API > eap_tls_create_peer to initialize EAP TLS peer identity. > > Kindly provide any inputs regarding my issue. > > Thank you very much. > > -- > Regards, > RaviKanth ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] MacOS 10.12 Sierra IKEv2 user/password auth
Hi Pete, there in no AUTH payload in the IKE_AUTH request. This means that the Mac wants to do EAP-based username/password authentication but your strongSwan server is not configured for EAP (e.g. EAP-MD5, EAP-MSCHAPv2 or EAP-GTC). Regards Andreas On 09.10.2016 18:37, Pete Ashdown wrote: On 10/9/16 10:29 AM, Noel Kuntze wrote: On 09.10.2016 18:23, Pete Ashdown wrote: Has anyone actually gotten this to work? I've tried both the Mac's gui and Configurator program and a number of iterations of Strongswan configs and I always end up with this error in the logs: charon: 10[ENC] generating IKE_AUTH response 1 [ N(AUTH_FAILED) ] I have no idea where to go from here. A little help please? You start reading the log lines above that message. Thanks for your helpful response, but there is nothing there that sticks out as to why the auth fails. The prior auth entry looks like this: charon: 10[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) N(MOBIKE_SUP) IDr CPRQ(ADDR DHCP DNS MASK ADDR6 DHCP6 DNS6) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ] If you'd like me to paste the whole thing, I can do that, but I'm not seeing any smoking guns. Again, I ask if anyone has actually gotten user/password with IKEv2 to work on Sierra. == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] file content is not binary ASN.1
Hi Ravi,
: 08[ASN] file content is not binary ASN.1
is just an informational message telling you that an
automatic conversion from PEM to ASN.1 format
is being tried. If the pem plugin is present then
this operation should succeed.
Regards
Andreas
P.S. Please do not cross-post to the developers list.
On 05.10.2016 22:07, Ravi Kanth Vanapalli wrote:
Hi all,
I am trying to use TLS to setup a connection to a gateway
programmatically.
Used the code below.
private_key_t *key;
char path[512]="/system/etc/user1_private.pem";
key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
BUILD_FROM_FILE, path, BUILD_END);
if (!key) {
DBG1(DBG_DMN, "Parsing private key failed");
}
--
On running, I do not see "Parsing private key failed". But I see the
print as below
10-05 15:31:37.266 4630 4650 D : 08[ASN] file content is not
binary ASN.1
10-05 15:31:37.266 4630 4650 D : 08[ASN] -BEGIN RSA PRIVATE
KEY---
10-05 15:31:37.266 4630 4650 D : 08[ASN] -END RSA PRIVATE
KEY-
My private key file is below. Can you help me find the issue
-BEGIN RSA PRIVATE KEY-
MIIEpAIBAAKCAQEAsVqa9nZctF/gxA26RTN3oSs6MbNiJYFP6jKpVJRAjflB17rC
7Pg6bf5NBr4SdgR0YyklI17wvzwEWxCDjJZHAw/CxeN/icSCsN6VehHoJ6ROhPOo
jdRs2MsyYyut8OZiSoG/jHVmLQWVgJIZvSOxxCGDj+xYqEbd6YhO8ejPrrh4v3/r
NJW6glu6PbbrgNfwtozMeNOQrXnETmSLBNJ5RlM+sntzivq6t8QJzDcjmf2OV3Xk
GwvNaLeOvoq55dbPf1wpuVyaU3npZphQe4EDsrX3p05DhYEW6rwUXc9iyF98D/HR
JTEnCN+Ri/pwXWyuUlEN/1Bq09nU/L6KfAQ8HwIDAQABAoIBADnNvhP2H+DqHufH
UZ6cV7E/1Ye9X4+5xcIfIPFgIGolg0A8rqttfB29dH1uFbZBXW20S1Zr6yto9EJ5
72Yy1JI64NB+hWLxmWbsJOvUSkYhVzYd9CHFynQeRh3sbpTFgeOmxjeRS+wAlemB
tMHgkF/MTITsEzlFX65trs1Jg+b9zc7wJs5ZeebBqw9m+Kn687MBDhOmx4uij59S
xP0ok2FnDlXNIEX1yLJpzSVPtEhhrFhcrFCq7LESUitZULoWD0v9VLaUVNe3n9yH
KPDRqu4lH5Y3bloI+Bx/hiZmxBCTV+kTF+4+PZJq1WzB6PCqmxNhN9zn+O7DDTzB
TSI/QoECgYEA34MnKE93DCNj4qL85NMCyCqo2ynsicqPBOtt1pZGXquYMbffefGx
kBl7BIpDfnn6077hWbTJzTeTO2gEXKcncQPWnDWCwIiCBbmgiec3k6WG+/Fki4mq
J+E1kO9eLn5Qw3uUzMNaey9P4kIore2zg7Ds42xHoNi7c3537evi6KsCgYEAyyHo
gz+gmIHr7mk6aKg6b4WydJuMYcB4g+sVt+JmUhhmfNAXx4MpKJo6c7jhgStAzXXD
d0FaYs4DfuU/ptcNmkmDPkVrpLj8NYHt7i2RZhULiObrY8iNRaW39LDUBvIkeuAr
JbuCJ7gYH8K7cnEF6/LvDsqllDUUEt+1I4UNIl0CgYEAkFyseOvCb3OYOzScdMsZ
W+G5yDxuy5yp/Tp2aggLkW/xUAN78s45qmHaw9btuw3cBNGfyYnsYYDItrD7SECq
R+N7xM8HEYXZvQrk9s0BZ3qdEbMbBsk2vqVGLMN+KDdrwKbcN9jhYvju9qtWjOgf
bypiBo3UQb5abEE+Asy9dRsCgYEAvDiBMAxnDKlmKhWLL6qh6vBheTcgjvs/ME1G
ZIr98Jf3bzOKtS3Nl3fBLbVkDsI7W6YBJqGB1Qe7qXtWzYt7aTkwySSeJ5XY7OOl
ygqjLYnWlFYUSvNsI9r4Z1zqOj1onArXMDFc2tz0TYmtEs+zgvwpkvUnE/tSzGJJ
f84ra2kCgYAY/qErTWgqRkc95A1qCyqsl/oU1swLMDmqe6F4rceFvdXuHkIyWGzL
Op8l/Nj1YzDRiGcQEyEooaGrgS1rvas2Q+nzxHMFBypVQsZE4y6F1qJ5dyr0xRGE
XeWrqWY/8UjLZzgDktjghg7DCoQEjI+c0rUs8ld6fFv4iK9ecI0Gng==
-END RSA PRIVATE KEY-
--
Regards,
RaviKanth VN Vanapalli
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
--
==========
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[ITA-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] need for openssl plugin use case
Hi Ravi, the crypto and signature functions are registered by the openssl_plugin.c code, e.g. via the openssl_crypter_create() function https://github.com/strongswan/strongswan/blob/master/src/libstrongswan/plugins/openssl/openssl_plugin.c#L332 or the openssl_rsa_private_key_load() function https://github.com/strongswan/strongswan/blob/master/src/libstrongswan/plugins/openssl/openssl_plugin.c#L470 crypters are instantiated using the global method lib->crypto->crypter_create() made available by libstrongswan. An example can be found here: https://github.com/strongswan/strongswan/blob/master/scripts/aes-test.c#L409 RSA private keys can be instantiated using the global method lib->creds->create() made available by libstrongswan. An example can be found here: https://github.com/strongswan/strongswan/blob/master/scripts/pubkey_speed.c#L85 Hope this helps. Andreas On 05.10.2016 15:29, Ravi Kanth Vanapalli wrote: Hi, I have one query regarding the use of openssl plugin. I want to write an android plugin which makes use of strongswan openssl plugin more specifically I was looking to use 'openssl_rsa_private_key_load' in openssl. From the link below https://wiki.strongswan.org/projects/strongswan/wiki/Pluginlist openssl s Crypto backend based on OpenSSL, provides RSA/ECDSA/DH/ECDH/ciphers/hashers/HMAC/X.509/CRL/RNG But in the strongswan-master code repo, i see no reference to open-ssl plugin . eg. openssl_crypter_create function in openssl_crypter.c I am expecting this crypter to be created in someother module which needs to encrypt. I see no references to any code calling openssl_crypter_create. Kindly provide me code references how to use API's provided by openssl plugin. Any sample example would be highly appreciated. -- Regards, RaviKanth ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Strongswan 5.4 issue using certificates
Hi Rajeev, yes, you have to load the private key file in your management tool and transfer it via the VICI interface as a binary blob. Regards Andreas On 15.09.2016 21:20, rajeev nohria wrote: > Anderas, > > When using davici- > For the loading of private rsa keys, that has to be loaded like the > certificate? > > Thanks, > Rajeev > > On Thu, Sep 15, 2016 at 3:19 PM, rajeev nohria <rajnoh...@gmail.com > <mailto:rajnoh...@gmail.com>> wrote: > > Anderas, > > For the loading of private rsa keys, that has to be loaded like the > certificate? > > Thanks, > Rajeev > > On Thu, Aug 4, 2016 at 12:16 AM, Andreas Steffen > <andreas.stef...@strongswan.org > <mailto:andreas.stef...@strongswan.org>> wrote: > > Hi Rajeev, > > different to the stroke protocol and ipsec.conf where the filename > of the certificate gets transferred via the stroke socket and the > charon daemon loads the certificate, vici transfers the certificate > itself either as a binary DER or a base64-endocded PEM blob. Thus > your management application has to load the certificate and transfer > it over the vici socket using davici. > > Regards > > Andreas > > On 04.08.2016 05:03, rajeev nohria wrote: > > Thanks Andreas, > > > > It worked, I know started to implement in Davici. I had PSK working > in > > Davici. With certificates, I am having following issue during > > parse_certs(). > > > > 09[LIB] file coded in unknown format, discarded > > 09[LIB] building CRED_CERTIFICATE - X509 failed, tried 4 builders > > > > > > > > Corresponding code is for Davici is > > davici_list_start(r,"certs"); > > > > > davici_list_itemf(r,"%s","/usr/local/etc/swanctl/x509/hostCert.pem"); > > davici_list_end(r); > > > > > > I have tried file name with and without path. > > > > certs = hostCert.pem worked in swanctl.conf as attached in previous > email. > > > > > > Do you know what could be issue here? Looks like software is not > able to > > recognize the pem format but again it worked when using > swanctl.conf file. > > > > Thanks, > > Rajeev > > > > > > On Tue, Aug 2, 2016 at 5:41 AM, Andreas Steffen > > <andreas.stef...@strongswan.org > <mailto:andreas.stef...@strongswan.org> > <mailto:andreas.stef...@strongswan.org > <mailto:andreas.stef...@strongswan.org>>> > > wrote: > > > > Hi, > > > > according to your log, the initiator and responder create > their > > own Root CA certificate and store it locally in > > /usr/local/etc/swanctl/x509ca. Therefore it is not surprising > > that no trust into the received host certificate can be > established > > because it has been signed with the private key of a different > > root CA (although the Distinguished Name of the issuer is > the same). > > > > Fix: Generate only one private key and matching self-signed > > Root CA certificate. Use the private Root CA key to sign both > > initiator and responder host certificates and deploy the > Root CA > > certificate on both hosts. > > > > Best regards > > > > Andreas > > > > On 01.08.2016 21:24, rajeev nohria wrote: > > > > > > I was able to establish IKE connection using PSK but > when using pubkey I > > > am not able to able to establish the IKE connection. > > > > > > When I issue sudo swanctl --initiate --child net > > > > > > > > > At receptor, it returns the Auth_failed. Please see the > swanctl.conf, > > > strongswan.conf and charon.log. > > > > > > Aug 1 12:09:21 12[CFG] <rw|1> no issuer certificate > found for "C=US, > > > ST=MA, L=Lowell, O=Arris, CN=10.13.199.1
Re: [strongSwan] Empty CRL cache
> 2016-09-09T14:35:48.993709+02:00 sphynx.ac-test.lan charon: 11[IKE]
>> authentication of 'C=FR, L=Toulouse, O=Education Nationale,
>> OU=ac-toulouse, OU=0002 110043015, CN=0120101V-01-TEST.ac-toulouse.fr'
>> with RSA signature successful
>> 2016-09-09T14:35:48.993915+02:00 sphynx.ac-test.lan charon: 11[IKE]
>> IKE_SA
>> aca.sphynx-default-2.6.0-etb1.amon-default-2.5.2_1-admin-reseau_eth1[1]
>> established between 192.168.0.11[C=FR, L=Dijon, O=Education Nationale,
>> OU=0002 110043015, CN=sphynx.ac-test.fr]...192.168.0.31[C=FR,
>> L=Toulouse, O=Education Nationale, OU=ac-toulouse, OU=0002 110043015,
>> CN=0120101V-01-TEST.ac-toulouse.fr]
>> 2016-09-09T14:35:48.994137+02:00 sphynx.ac-test.lan charon: 11[IKE]
>> IKE_SA
>> aca.sphynx-default-2.6.0-etb1.amon-default-2.5.2_1-admin-reseau_eth1[1]
>> established between 192.168.0.11[C=FR, L=Dijon, O=Education Nationale,
>> OU=0002 110043015, CN=sphynx.ac-test.fr]...192.168.0.31[C=FR,
>> L=Toulouse, O=Education Nationale, OU=ac-toulouse, OU=0002 110043015,
>> CN=0120101V-01-TEST.ac-toulouse.fr]
>> 2016-09-09T14:35:48.994316+02:00 sphynx.ac-test.lan charon: 11[IKE]
>> scheduling reauthentication in 10146s
>> 2016-09-09T14:35:48.994585+02:00 sphynx.ac-test.lan charon: 11[IKE]
>> maximum IKE_SA lifetime 10686s
>> 2016-09-09T14:35:48.994955+02:00 sphynx.ac-test.lan charon: 11[IKE]
>> CHILD_SA
>> aca.sphynx-default-2.6.0-etb1.amon-default-2.5.2_1-admin-reseau_eth1{1}
>> established with SPIs ccdd7bb4_i c01e70f1_o and TS 172.30.101.0/24 ===
>> 10.1.1.0/24
>> 2016-09-09T14:35:48.995159+02:00 sphynx.ac-test.lan charon: 11[IKE]
>> CHILD_SA
>> aca.sphynx-default-2.6.0-etb1.amon-default-2.5.2_1-admin-reseau_eth1{1}
>> established with SPIs ccdd7bb4_i c01e70f1_o and TS 172.30.101.0/24 ===
>> 10.1.1.0/24
>> 2016-09-09T14:35:48.995469+02:00 sphynx.ac-test.lan charon: 11[IKE]
>> received AUTH_LIFETIME of 10248s, scheduling reauthentication in 9708s
>>
>>
>> CRL cache is not empty with Ubuntu 14.04 and strongSwan version
>> 5.1.2-0ubuntu2.4 and the same configuration. I can see this line in log
>> file :
>> 2016-09-09T13:39:42.728748+02:00 amon.etb1.lan charon: 21[CFG] written
>> crl file
>> '/etc/ipsec.d/crls/cc2e370f06b2b9b5e92dffbe5237c61db4b70717.crl' (1307
>> bytes)
>> ls -l /etc/ipsec.d/crls/
>> total 4
>> -rw-r--r-- 1 root root 1307 sept. 9 13:39
>> cc2e370f06b2b9b5e92dffbe5237c61db4b70717.crl
>>
>>
>> Perhaps, something is wrong in my strongSwan configuration ?
>>
>>
>> Regards,
>> Fabrice Barconnière
>> http://pcll.ac-dijon.fr/eole/
>>
>>
>>
>>
>> ___
>> Users mailing list
>> Users@lists.strongswan.org
>> https://lists.strongswan.org/mailman/listinfo/users
>
>
> --
> Cordialement,
> Fabrice Barconnière
> Pôle logiciels libres - EOLE
>
>
>
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
>
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[ITA-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] TPM Owner password in strongswan IMC
Hi Vikas, there is currently no provision to use a non-default password. Putting the TPM owner password into strongswan.conf wouldn't make any sense so some kind of password-prompting mechanism would have to be built into the IMC. Or if the IMV would transmit the password via an IF-M attribute to the IMC, this would give the IMC on the client a chance to retrieve the password. Best regards Andreas On 08/12/2016 05:09 PM, Charak, Vikas wrote: > > Hi StrongSwan Team, > > I have a question regarding Attestation using IMC/IMV. On properly > configuring attestation plugin in StrongSwan client, I do see that TPM > quotes being send to the StrongSwan server. > > This all works fine if you are using default TPM owner and SRK auth at > the client side. Is there a provision in StrongSwan to use a > non-default password for TPM owner authentication? If yes, is there a > configuration in strongswan to set the TPM Owner password? > > Regards, > > Vikas ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] sha256 failing with netlink error
Hi Lakshmi,
SHA-256 was implemented incorrectly for ESP with a 96 bit instead
of the standard 128 bit truncation in Linux kernels older than
2.6.33.
Workarounds:
1) Update to a kernel >= 2.6.33 (2.6.21 is ancient!)
2) If you run strongSwan on both VPN end points you can select the
incorrect non-standard 96 bit truncation size by configuring
esp=aes128-sha256_96
In order for this non-standard algorithm ID to be accepted it might
also be necessary to activate the sending of the strongSwan vendor id
by setting
charon {
send_vendor_id = yes
}
in /etc/strongswan.conf
Regards
Andreas
On 12.08.2016 03:04, Lakshmi Prasanna wrote:
Experts,
Need urgent help.
When I try to use strongswan with SHA256, I see that the negotiation
fails at child SA creation time. I am using
strongSwan 5.1.3, Linux 2.6.21 version). Following is the log:
arsed CREATE_CHILD_SA response 4 [ N(USE_TRANSP) SA No TSi TSr ]
received netlink error: Invalid argument (22)
unable to add SAD entry with SPI c28f19c1
received netlink error: Invalid argument (22)
unable to add SAD entry with SPI c088894f
unable to install inbound and outbound IPsec SA (SAD) in kernel
failed to establish CHILD_SA, keeping IKE_SA
sending DELETE for ESP CHILD_SA with SPI c28f19c1
I have already tried the changes mentioned in
https://lists.strongswan.org/pipermail/users/2013-September/005203.html
and it doesnt seem to work.
Is there any other fix for this issue?
Rgds,
Lakshmi
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[ITA-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Authentication algoritm supported by strongSwan
Hi Codrut, no strongSwan does not support the ESP authentication algorithm HMAC-RIPEMD-160-96. Regards Andreas On 05.08.2016 13:41, Codrut Grosu wrote: > Hi, > > > Is the next algorithm supported by strongSwan : MAC-RIPMED-160-96 > [RFC2857] ? > > > The name is from wireshark ESP decryption table. > > > Cheers, > > Codrut. > > > > ___ > Users mailing list > Users@lists.strongswan.org > https://lists.strongswan.org/mailman/listinfo/users > -- ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Strongswan not sending encryption algorithm
Hi Lakshmi,
yes, your understanding is correct. Since AES-GCM is an
authenticated encryption algorithm, you don't need an
additional integrity protection function. Thus
Valid IKEv1 combo:
--
keyexchange=ikev1
ike=aes256-sha256-modp2048!
esp=aes256gcm128!
Valid IKEv2 combo:
--
keyexchange=ikev2
ike=aes256gcm128-prfsha256-modp2048!
esp=aes256gcm128!
Regards
Andreas
On 05.08.2016 10:41, Lakshmi Prasanna wrote:
Thank you for the reply Andreas.
Can you please validate my understanding?
Valid combo:
---
keyexchange=ikev1
ike=aes256-sha256-modp2048!
esp=aes256gcm128-sha256!
Invalid combo:
keyexchange=ikev1
ike=aes256gcm128-sha256-modp2048!
esp=aes256gcm128-sha256!
Thanks,
Lakshmi
On Fri, Aug 5, 2016 at 1:49 PM, Andreas Steffen
<andreas.stef...@strongswan.org <mailto:andreas.stef...@strongswan.org>>
wrote:
Hi Lakshmi,
The old IKEv1 protocol does not support AES-GCM for IKE since
IANA hasn't assigned any encryption transform numbers:
http://www.iana.org/assignments/ipsec-registry/ipsec-registry.xhtml#ipsec-registry-4
<http://www.iana.org/assignments/ipsec-registry/ipsec-registry.xhtml#ipsec-registry-4>
AES-GCM can be used for IKE protection with IKEv2, only:
http://www.iana.org/assignments/ikev2-parameters/ikev2-parameters.xhtml#ikev2-parameters-5
<http://www.iana.org/assignments/ikev2-parameters/ikev2-parameters.xhtml#ikev2-parameters-5>
Anyway, you profit from the speed advantage of AES-GCM mainly
with ESP because many payload packets must be processed.
AES-GCM for ESP can be negotiated both via IKEv1 and IKEv2.
Regards
Andreas
On 08/05/2016 08:42 AM, Lakshmi Prasanna wrote:
> Hi Team,
>
> I am trying to use AES-GCM with IKEV1 and see that strongswan
does not
> send the encryption algorithm.
>
> Is there any plugin or knob to enable the same?
>
> Logs:
>
>
>
> received proposals: IKE:HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
>
> configured
>
proposals:IKE:AES_GCM_16_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
>
>
> Thanks and Regards,
>
> Lakshmi
==
Andreas Steffen andreas.stef...@strongswan.org
<mailto:andreas.stef...@strongswan.org>
strongSwan - the Open Source VPN Solution! www.strongswan.org
<http://www.strongswan.org>
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[ITA-HSR]==
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[ITA-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Strongswan not sending encryption algorithm
Hi Lakshmi, The old IKEv1 protocol does not support AES-GCM for IKE since IANA hasn't assigned any encryption transform numbers: http://www.iana.org/assignments/ipsec-registry/ipsec-registry.xhtml#ipsec-registry-4 AES-GCM can be used for IKE protection with IKEv2, only: http://www.iana.org/assignments/ikev2-parameters/ikev2-parameters.xhtml#ikev2-parameters-5 Anyway, you profit from the speed advantage of AES-GCM mainly with ESP because many payload packets must be processed. AES-GCM for ESP can be negotiated both via IKEv1 and IKEv2. Regards Andreas On 08/05/2016 08:42 AM, Lakshmi Prasanna wrote: > Hi Team, > > I am trying to use AES-GCM with IKEV1 and see that strongswan does not > send the encryption algorithm. > > Is there any plugin or knob to enable the same? > > Logs: > > > > received proposals: IKE:HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048 > > configured > proposals:IKE:AES_GCM_16_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048 > > > Thanks and Regards, > > Lakshmi ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Drop data traffic if ipsec is not present
Hi Sarat, leftfirewall=yes installs and removes dynamic IPsec policy iptables rules guaranteeing that only traffic coming or going into an IPsec tunne are forwarded. Regards Andreas On 04.08.2016 14:00, Sarat Vajrapu wrote: > Hi Andreas, > > Thanks for the inputs. > > I was expecting leftfirewall=yes would take care of adding default > policies for IKE, ESP and drop traffic. > From your explanation, I understood that we need to explicitly configure > iptables. So what does leftfirewall actually do? > > Regards, > Sarat Vajrapu > > On Tue, Aug 2, 2016 at 2:50 PM, Andreas Steffen > <andreas.stef...@strongswan.org <mailto:andreas.stef...@strongswan.org>> > wrote: > > Hi Sarat, > > leftfirewall=yes is the right way to go. Just set up a > general drop policy with iptables, just allowing IKE > traffic via UDP ports 500 and 4500 as well as allowing > ESP (IP protocol 50). Also make sure that the updown > plugin is loaded by the charon daemon. > > Best regards > > Andreas > > On 01.08.2016 09:21, Sarat Vajrapu wrote: > > Hi, > > > > I am trying a lab setup with IPsec between two nodes. > > Is there a way where I can send/receive data packets only if ipsec is > > UP, else just drop the traffic? > > > > I tried "leftfirewall" option but it did not help me. > > Your inputs are highly appreciated. > > > > Regards, > > Sarat > > > > > > ___ > > Users mailing list > > Users@lists.strongswan.org <mailto:Users@lists.strongswan.org> > > https://lists.strongswan.org/mailman/listinfo/users > > > > -- > == > Andreas Steffen > andreas.stef...@strongswan.org <mailto:andreas.stef...@strongswan.org> > strongSwan - the Open Source VPN Solution! > www.strongswan.org <http://www.strongswan.org> > Institute for Internet Technologies and Applications > University of Applied Sciences Rapperswil > CH-8640 Rapperswil (Switzerland) > ===[ITA-HSR]== > > -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Strongswan 5.4 issue using certificates
Hi Rajeev, different to the stroke protocol and ipsec.conf where the filename of the certificate gets transferred via the stroke socket and the charon daemon loads the certificate, vici transfers the certificate itself either as a binary DER or a base64-endocded PEM blob. Thus your management application has to load the certificate and transfer it over the vici socket using davici. Regards Andreas On 04.08.2016 05:03, rajeev nohria wrote: > Thanks Andreas, > > It worked, I know started to implement in Davici. I had PSK working in > Davici. With certificates, I am having following issue during > parse_certs(). > > 09[LIB] file coded in unknown format, discarded > 09[LIB] building CRED_CERTIFICATE - X509 failed, tried 4 builders > > > > Corresponding code is for Davici is > davici_list_start(r,"certs"); > > davici_list_itemf(r,"%s","/usr/local/etc/swanctl/x509/hostCert.pem"); > davici_list_end(r); > > > I have tried file name with and without path. > > certs = hostCert.pem worked in swanctl.conf as attached in previous email. > > > Do you know what could be issue here? Looks like software is not able to > recognize the pem format but again it worked when using swanctl.conf file. > > Thanks, > Rajeev > > > On Tue, Aug 2, 2016 at 5:41 AM, Andreas Steffen > <andreas.stef...@strongswan.org <mailto:andreas.stef...@strongswan.org>> > wrote: > > Hi, > > according to your log, the initiator and responder create their > own Root CA certificate and store it locally in > /usr/local/etc/swanctl/x509ca. Therefore it is not surprising > that no trust into the received host certificate can be established > because it has been signed with the private key of a different > root CA (although the Distinguished Name of the issuer is the same). > > Fix: Generate only one private key and matching self-signed > Root CA certificate. Use the private Root CA key to sign both > initiator and responder host certificates and deploy the Root CA > certificate on both hosts. > > Best regards > > Andreas > > On 01.08.2016 21:24, rajeev nohria wrote: > > > > I was able to establish IKE connection using PSK but when using pubkey I > > am not able to able to establish the IKE connection. > > > > When I issue sudo swanctl --initiate --child net > > > > > > At receptor, it returns the Auth_failed. Please see the swanctl.conf, > > strongswan.conf and charon.log. > > > > Aug 1 12:09:21 12[CFG] <rw|1> no issuer certificate found for "C=US, > > ST=MA, L=Lowell, O=Arris, CN=10.13.199.185" > > Aug 1 12:09:21 12[IKE] <rw|1> no trusted RSA public key found for > > '10.13.199.185' > > Aug 1 12:09:21 12[IKE] <rw|1> peer supports MOBIKE > > Aug 1 12:09:21 12[ENC] <rw|1> added payload of type NOTIFY to message > > Aug 1 12:09:21 12[ENC] <rw|1> order payloads in message > > Aug 1 12:09:21 12[ENC] <rw|1> added payload of type NOTIFY to message > > Aug 1 12:09:21 12[ENC] <rw|1> generating IKE_AUTH response 1 [ > > N(AUTH_FAILED) ] > > > > I used following commands to create certificates. > > > > *Initiator:* > > --- > > > > sudo ipsec pki --gen --type rsa --size 4096 --outform pem > > > /usr/local/etc/swanctl/rsa/strongswanKey.pem > > > > > > sudo chmod 600 /usr/local/etc/swanctl/rsa/strongswanKey.pem > > > > > > sudo ipsec pki --self --ca --in > > /usr/local/etc/swanctl/rsa/strongswanKey.pem --digest sha256 --dn "C=US, > > ST=MA, O=Arris, CN=StrongSwan Root CA" --outform pem > > > /usr/local/etc/swanctl/x509ca/strongswanCert.pem > > > > > > sudo ipsec pki --print --in > /usr/local/etc/swanctl/x509ca/strongswanCert.pem > > > > > > sudo ipsec pki --gen --type rsa --size 4096 --outform pem > > > /usr/local/etc/swanctl/rsa/hostKey.pem > > > > > > sudo chmod 600 /usr/local/etc/swanctl/rsa/hostKey.pem > > > > > > > > sudo ipsec pki --pub --in /usr/local/etc/swanctl/rsa/hostKey.pem --type > > rsa | ipsec pki --issue --digest sha256 --cacert > > /usr/local/etc/swanctl/x509ca/strongswanCert.pem --cakey > > /usr/local/etc/swanctl/rsa/strongswanKey.pem --dn "C=US, ST=MA, > > L=Lowell, O=Arris, CN=10.13.199.185&
