Re: [strongSwan] how to increase timeout for "deleting half open IKE_SA with after timeout" ?

[Thomas Egerer]

Hi Harri,


On 5/14/21 11:06 AM, Harald Dunkel wrote:
> Hi folks,
>
> I have a few road warriors (3 out of ~140) having severe problems to
> connect via IKEv2. Within the last 4 weeks they had >1000 problems
> during IKE SA init each, e.g.:
>
> May 12 09:55:28 18[NET1] <92244> received packet: from 192.168.1.177[61416] 
> to 10.0.0.17[500] (432 bytes)
> May 12 09:55:28 18[ENC1] <92244> parsed IKE_SA_INIT request 0 [ SA KE No 
> N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]
> May 12 09:55:28 18[IKE0] <92244> 192.168.1.177 is initiating an IKE_SA
> May 12 09:55:28 18[IKE2] <92244> IKE_SA (unnamed)[92244] state change: 
> CREATED => CONNECTING
> May 12 09:55:28 18[CFG1] <92244> selected proposal: 
> IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
> May 12 09:55:28 18[IKE1] <92244> remote host is behind NAT
> May 12 09:55:28 18[IKE2] <92244> sending strongSwan vendor ID
> May 12 09:55:28 18[IKE1] <92244> sending cert request for "C=DE, O=example 
> AG, CN=ws-CA"
> May 12 09:55:28 18[IKE1] <92244> sending cert request for "C=DE, O=example 
> AG, OU=example Certificate Authority, CN=root-CA"
> May 12 09:55:28 18[IKE1] <92244> sending cert request for "C=DE, ST=NRW, 
> O=example AG, OU=TI, CN=ipsec-ca"
> May 12 09:55:28 18[ENC1] <92244> generating IKE_SA_INIT response 0 [ SA KE No 
> N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) V ]
> May 12 09:55:28 18[NET1] <92244> sending packet: from 10.0.0.17[500] to 
> 192.168.1.177[61416] (541 bytes)
> May 12 09:55:58 31[JOB1] <92244> deleting half open IKE_SA with 192.168.1.177 
> after timeout
> May 12 09:55:58 31[IKE2] <92244> IKE_SA (unnamed)[92244] state change: 
> CONNECTING => DESTROYING
>
> Obviously there is a 30sec timeout on the IPsec gateway. Is there
> a chance to increase this timeout (using stroke, ie. ipsec.conf)?
> https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection
> mentions only the DPD timeout (150 sec per default) and the inac-
> tivity timeout (child sa only, as it seems).

What you're looking for is not a part of the swanctl.conf or ipsec.conf. It's 
part
of the strongswan.conf (/etc/strongswan.conf) and documented at [1]. Use
the keyword 'half_open_timeout' in the 'charon' section:


charon {
half_open_timeout = 42
}


If it takes your RW peers more than 30 seconds to respond one would assume that
the response got lost along the way. Normally in such a case the initiator would
retransmit the request. That's not part of the responders job.

>
> Would it be wise to resend the IKE_SA_INIT response (lets say) 3
> times?
As mentioned above, you may check your RWs configuration to retransmit the 
request.
>
> Every helpful comment is highly appreciated
>
> Harri

Cheers,
Thomas

[1] https://wiki.strongswan.org/projects/strongswan/wiki/strongswanconf

Re: [strongSwan] DPD question

[Thomas Egerer]

On 8/4/20 7:27 PM, Makarand Pradhan wrote:
> Thanks for your response.
>
> I have verified that retransmit_tries = 1 Works for DPD.
It's not advisable to use retransmit_tries = 1 since this
causes the SA to be torn down after the loss of two packets.

> root@t1024rdb:/usr/local/etc/strongswan.d# swanctl --log
> 14[IKE] sending DPD request
> 14[ENC] generating INFORMATIONAL request 2 [ ]
> 14[NET] sending packet: from 172.16.31.1[500] to 172.16.21.2[500] (76 bytes)
> 07[IKE] retransmit 1 of request with message ID 2
> 07[NET] sending packet: from 172.16.31.1[500] to 172.16.21.2[500] (76 bytes)
> 13[IKE] sending DPD request
> 13[ENC] generating INFORMATIONAL request 2 [ ]
> 13[NET] sending packet: from 172.16.31.100[500] to 172.16.21.100[500] (76 
> bytes)
> 08[IKE] giving up after 1 retransmits
> 11[IKE] retransmit 1 of request with message ID 2
> 11[NET] sending packet: from 172.16.31.100[500] to 172.16.21.100[500] (76 
> bytes)
> 06[IKE] giving up after 1 retransmits
>
> Kind rgds,
> Makarand Pradhan
> Senior Software Engineer.
> iS5 Communications Inc.
> 5895 Ambler Dr,
> Mississauga, Ontario
> L4W 5B7
> Main Line: +1-844-520-0588 Ext. 129
> Direct Line: +1-289-724-2296
> Cell: +1-226-501-5666
> Fax:+1-289-401-5206
> Email: makarandprad...@is5com.com
> Website: www.iS5Com.com
>
>  
> Confidentiality Notice: 
> This message is intended only for the named recipients. This message may 
> contain information that is confidential and/or exempt from disclosure under 
> applicable law. Any dissemination or copying of this message by anyone other 
> than a named recipient is strictly prohibited. If you are not a named 
> recipient or an employee or agent responsible for delivering this message to 
> a named recipient, please notify us immediately, and permanently destroy this 
> message and any copies you may have. Warning: Email may not be secure unless 
> properly encrypted.
>
> -Original Message-
> From: Thomas Egerer 
> Sent: August 4, 2020 12:10 PM
> To: Makarand Pradhan ; users@lists.strongswan.org
> Subject: Re: [strongSwan] DPD question
>
> Hi Makarand,
>
> the retransmit_tries option is exactly what you're looking for. It defaults 
> to five (see [1]). Essentialy charon's task manager tries to retransmit each 
> packet at most five times (if not configured
> otherwise) regardless of the message type. There's no extra option for 
> R-U-There messages or DPD requests.
>
> Thomas
>
> [1] https://wiki.strongswan.org/projects/strongswan/wiki/Strongswanconf
>
> On 8/4/20 5:33 PM, Makarand Pradhan wrote:
>> Good morning All,
>>
>> Is there a way to configure the number of DPD retries before giving up? We 
>> would like to configure 5 R-U-There failures before taking the connection 
>> down. The retransmit_tries in charon.conf, controls the IKE retransmits. 
>> Don't think it's affecting DPD behaviour.
>>
>> Thanks for looking at my qery.
>>
>> Kind rgds,
>> Makarand Pradhan
>> Senior Software Engineer.
>> iS5 Communications Inc.
>> 5895 Ambler Dr,
>> Mississauga, Ontario
>> L4W 5B7
>> Main Line: +1-844-520-0588 Ext. 129
>> Direct Line: +1-289-724-2296
>> Cell: +1-226-501-5666
>> Fax:+1-289-401-5206
>> Email: makarandprad...@is5com.com
>> Website: www.iS5Com.com
>>
>>  
>> Confidentiality Notice:
>> This message is intended only for the named recipients. This message may 
>> contain information that is confidential and/or exempt from disclosure under 
>> applicable law. Any dissemination or copying of this message by anyone other 
>> than a named recipient is strictly prohibited. If you are not a named 
>> recipient or an employee or agent responsible for delivering this message to 
>> a named recipient, please notify us immediately, and permanently destroy 
>> this message and any copies you may have. Warning: Email may not be secure 
>> unless properly encrypted.
>>
>

Re: [strongSwan] How to find encryption key for ikev1

[Thomas Egerer]

Hi Yogesh,

you should familiarize yourself with the fundamental concepts
behind IKE before asking questions. Don't blindly follow an
outdated online tutorial. Use the save-keys plugin that's
easiest and the documentation is up-to-date.
btw. your keysize depends on the negotiated crypto algorithm
using the IV instead will decrypt you nothing.

Thomas

On 7/16/20 1:44 PM, Yogesh Purohit wrote:
> Hi Thomas,
>
> Thanks for the update.
> Yes I have enabled log level as 4 for ike in strongswan.conf with enc as 3.
> ike = 4
> enc = 3  
>
> I am seeing a lot of logs in the log file but I am not sure which one is the 
> encryption key. As per the link 
> https://osqa-ask.wireshark.org/questions/12019/how-can-i-decrypt-ikev1-andor-esp-packets
>   it should be of 16 bytes.
> But none of them is of 16 bytes.
>
> SKEYID => 20 bytes @ 0x7a33d40047d0
>    0: AE C9 8E BB 0D 18 4B 39 84 E2 6C 4D E6 B9 E8 C1  ..K9..lM
>   16: F7 AD 59 FC                                      ..Y.
> SKEYID_d => 20 bytes @ 0x7a33d40047b0
>    0: 8B F3 BF C2 4A 62 B0 F9 08 E8 C1 20 84 FA 12 4B  Jb. ...K
>   16: 2E 64 57 CE                                      .dW.
> SKEYID_a => 20 bytes @ 0x7a33d4005760
>    0: 2B 89 D8 AD 2F C3 08 F1 8D FA 4E 17 B6 30 DE C1  +.../.N..0..
>   16: AD 5A B6 AB                                      .Z..
> SKEYID_e => 20 bytes @ 0x7a33d4003c30
>    0: 33 B4 1A 7A 3C 36 C5 9A 6B 6F 77 0A 5D 46 13 8A  3..z<6..kow.]F..
>   16: C4 77 89 1B                                      .w..
> encryption key Ka => 32 bytes @ 0x7a33c000c320
>    0: 21 82 8C 59 BC 06 3C 92 58 E6 7E AB D6 0A 85 9F  !..Y..<.X.~.
>   16: 3E 74 20 54 5F E6 92 46 75 A6 76 E8 E1 96 96 B3  >t T_..Fu.v.
>
> Only this I see as 16 bytes:
>
> initial IV => 16 bytes @ 0x7a33d4003c30
>    0: 7A 5A F1 F8 DA EA 50 C1 D3 83 0E DC A1 C5 A0 8F  zZP.
>
> So either encryption key is 32 bytes in the versions which uses charon daemon 
> instead of pluto ? Please do let me know if my assumption is correct or I am 
> looking in the wrong place.
>
> Since I am using an older version of Strongswan hence I am not sure about the 
> save-keys plugin.
>
>
>
> Thanks
>
>
> On Thu, Jul 16, 2020 at 4:42 PM Thomas Egerer  <mailto:hakke_...@gmx.de>> wrote:
>
> Hi Yogesh,
>
> the loglevel 3 will never reveal any keys to you. You'd need
> to enable loglevel 4. An easier way is to use the save-keys
> plugin. It even creates the appropriate output files to use
> in wireshark. See [1] how to enable and configure it.
>
> Thomas
>
> [1] https://wiki.strongswan.org/issues/3258
>
> On 7/16/20 7:02 AM, Yogesh Purohit wrote:
> > Hi,
> >
> > I was intending to decrypt isakmp packets for ike version 1 using 
> wireshark.
> > In wireshark it needs the Initiator cookie and encryption key to 
> decrypt the packets.
> >
> > I have enabled debug logs by adding: enc = 3 in strongswan.conf file.
> > I followed this link 
> https://osqa-ask.wireshark.org/questions/12019/how-can-i-decrypt-ikev1-andor-esp-packets
>  
> > But this was used when strongswan used Pluto daemon but now Charon is 
> being used. 
> >
> > So how to identify the initiator cookie and encryption key from logs 
> for ike version 1.
> >
> > Thanks  
> >
> > --
> > Best Regards,
> >
> > Yogesh Purohit
>
>
>
> --
> Best Regards,
>
> Yogesh Purohit

Re: [strongSwan] Multiple SAs on Link up. Race condition.

[Thomas Egerer]

Hi Makarand,

the option 'uniqueids=yes' is the preferred way to ensure
uniqueness. However, as you've seen there are rare cases
in which the detection fails. After all it should not
effect your IPsec performance and your tunnels should work.
If you do not want this behavior disable autoinit on one
side:
auto=add
This causes the tunnel to be brought up on traffic.

Thomas


On 7/15/20 10:38 PM, Makarand Pradhan wrote:
> Hello All,
>
> I'm running strongswan 5.8.2.
>
> I'm noticing multiple SAs and Child SAs set up, when both sides try to 
> initiate a connection on link up. Is there a way to avoid multiple SAs  being 
> setup on link up?
>
> My configuration is as follows:
>
> Ipsec.conf:
> config setup
> charondebug=@all@
> cachecrls=yes
> uniqueids=yes
> strictcrlpolicy=no
>
> #IS5#
> conn m2
> type=tunnel
> authby=secret
> auto=start
> keyexchange=ikev2
> ike=aes256-sha512-modp1536!
> aggressive=no
> ikelifetime=1h
> esp=aes256-sha256-modp2048!
> lifetime=2h
> right=172.16.32.2
> rightid=172.16.32.2
> rightsubnet=10.10.10.0/24,192.168.62.0/24
> left=172.16.32.1
> leftid=172.16.32.1
> leftsubnet=192.168.10.0/24,192.168.52.0/24
> mobike=no
>
> root@t1024rdb:~# ipsec status
> Security Associations (3 up, 0 connecting):
>   m2[7]: ESTABLISHED 6 minutes ago, 
> 172.16.32.1[172.16.32.1]...172.16.32.2[172.16.32.2]
>   m2{8}:  INSTALLED, TUNNEL, reqid 6, ESP SPIs: c7cbf891_i c6e85d39_o
>   m2{8}:   192.168.10.0/24 192.168.52.0/24 === 10.10.10.0/24 
> 192.168.62.0/24
>   m2[6]: ESTABLISHED 6 minutes ago, 
> 172.16.32.1[172.16.32.1]...172.16.32.2[172.16.32.2]
>   m2{7}:  INSTALLED, TUNNEL, reqid 6, ESP SPIs: c5538838_i c69ab573_o
>   m2{7}:   192.168.10.0/24 192.168.52.0/24 === 10.10.10.0/24 
> 192.168.62.0/24
>
> root@t1024rdb:~# swanctl -l
> m2: #7, ESTABLISHED, IKEv2, a5fc0a9cb8a9bfea_i a931c7d404349242_r*
>   local  '172.16.32.1' @ 172.16.32.1[500]
>   remote '172.16.32.2' @ 172.16.32.2[500]
>   AES_CBC-256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_1536
>   established 362s ago, reauth in 2527s
>   m2: #8, reqid 6, INSTALLED, TUNNEL, ESP:AES_CBC-256/HMAC_SHA2_256_128
> installed 362s ago, rekeying in 5759s, expires in 6838s
> in  c7cbf891,  0 bytes, 0 packets
> out c6e85d39,  0 bytes, 0 packets
> local  192.168.10.0/24 192.168.52.0/24
> remote 10.10.10.0/24 192.168.62.0/24
> m2: #6, ESTABLISHED, IKEv2, 2a17575859ea9c0f_i* 9409bec89f7dcff2_r
>   local  '172.16.32.1' @ 172.16.32.1[500]
>   remote '172.16.32.2' @ 172.16.32.2[500]
>   AES_CBC-256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_1536
>   established 362s ago, reauth in 2101s
>   m2: #7, reqid 6, INSTALLED, TUNNEL, ESP:AES_CBC-256/HMAC_SHA2_256_128
> installed 362s ago, rekeying in 5847s, expires in 6838s
> in  c5538838,  0 bytes, 0 packets
> out c69ab573,  0 bytes, 0 packets
> local  192.168.10.0/24 192.168.52.0/24
> remote 10.10.10.0/24 192.168.62.0/24
>
> Thanks.
>
> Kind rgds,
> Makarand Pradhan
> Senior Software Engineer.
> iS5 Communications Inc.
> 5895 Ambler Dr,
> Mississauga, Ontario
> L4W 5B7
> Main Line: +1-844-520-0588 Ext. 129
> Direct Line: +1-289-724-2296
> Cell: +1-226-501-5666
> Fax:+1-289-401-5206
> Email: makarandprad...@is5com.com
> Website: www.iS5Com.com
>
>  
> Confidentiality Notice: 
> This message is intended only for the named recipients. This message may 
> contain information that is confidential and/or exempt from disclosure under 
> applicable law. Any dissemination or copying of this message by anyone other 
> than a named recipient is strictly prohibited. If you are not a named 
> recipient or an employee or agent responsible for delivering this message to 
> a named recipient, please notify us immediately, and permanently destroy this 
> message and any copies you may have. Warning: Email may not be secure unless 
> properly encrypted.
>

Re: [strongSwan] How to find encryption key for ikev1

[Thomas Egerer]

Hi Yogesh,

the loglevel 3 will never reveal any keys to you. You'd need
to enable loglevel 4. An easier way is to use the save-keys
plugin. It even creates the appropriate output files to use
in wireshark. See [1] how to enable and configure it.

Thomas

[1] https://wiki.strongswan.org/issues/3258

On 7/16/20 7:02 AM, Yogesh Purohit wrote:
> Hi,
>
> I was intending to decrypt isakmp packets for ike version 1 using wireshark.
> In wireshark it needs the Initiator cookie and encryption key to decrypt the 
> packets.
>
> I have enabled debug logs by adding: enc = 3 in strongswan.conf file.
> I followed this link 
> https://osqa-ask.wireshark.org/questions/12019/how-can-i-decrypt-ikev1-andor-esp-packets
>  
> But this was used when strongswan used Pluto daemon but now Charon is being 
> used. 
>
> So how to identify the initiator cookie and encryption key from logs for ike 
> version 1.
>
> Thanks  
>
> --
> Best Regards,
>
> Yogesh Purohit

Re: [strongSwan] insufficient authentication rounds

[Thomas Egerer]

Hi Volodymyr,

the authentication rounds are mandatory, not optional.
That's why charon expects three rounds of auth and
fails since only two were done.
You need to split the config into one where you only
offer pubkey + eap auth and the other one employing
psk only. charon should then be able to select the
appropriate config based on the peer's auth.

Thomas

Note: re-reply to address list

On 7/16/20 11:01 AM, Volodymyr Litovka wrote:
> Hi, colleagues,
>
> probably, this is very simple question and I'm just missing something very 
> clear :)
>
> I’m trying to use few rounds of auth, like this:
>
> connections {
> ikev2-eap-mschapv2 {
> version = 2
> local_addrs = x.x.x.x
> remote_addrs = %any
> pools = radius
>   [ … ]
> local {
> auth = pubkey
> certs = fullchain.pem
> id = fqdn.my
> }
> remote-eap {
> round = 1
> auth = eap-radius
> id = %any
> eap_id = %any
> }
> remote-psk {
> round = 2
> auth = psk
> id = %any
> }
> children {
>   [ … ]
>   }
>   }
> }
> secrets {
>   [ … ]
> }
>
> The basic idea is to give a client chance to authenticate in two ways: try 
> EAP and if it fails, then try PSK.
>
> But on the output I see the following error in syslog:
>
> Jul 16 11:47:47 test charon-systemd[25937]: authentication of 'doka' with EAP 
> successful
> Jul 16 11:47:47 test strongswan: 12[IKE]  
> authentication of 'doka' with EAP successful
> Jul 16 11:47:47 test charon-systemd[25937]: selected peer config 
> 'ikev2-eap-mschapv2' inacceptable: insufficient authentication rounds
> Jul 16 11:47:47 test strongswan: 12[IKE]  IKE_SA 
> ikev2-eap-mschapv2[75] state change: CONNECTING => DESTROYING
> Jul 16 11:47:47 test charon-systemd[25937]: no alternative config found
> Jul 16 11:47:47 test charon-systemd[25937]: generating IKE_AUTH response 5 [ 
> N(AUTH_FAILED) ]
>
> Also, I tried to create local-c1 {round = 1} and local-c2 {round = 2} in 
> order to conform number of rounds in remote sections, but with the same 
> result.
>
> So, the question is - whether my understanding of rounds is correct and, if 
> yes, what I’m missing in this config to get it working as I expect?
>
> Thank you.
>

Re: [strongSwan] large CRL file

[Thomas Egerer]

Hello Anthony,


On 1/11/20 12:37 AM, Modster, Anthony wrote:
> Hello
>
>  
>
> Does the latest strongswan 5.8.2 address the problem found when loading large 
> CRL files (not using the authorities section) ?
At least not according to the release notes [1] (which only lists
the changes from 5.8.1 to 5.8.2).
Diffstat does not indicate any modifications there, either

>  
>
> Thanks
>
>  
>
HTH
Thomas


[1] https://wiki.strongswan.org/versions/75

Re: [strongSwan] FW: Ubuntu 16: Received netlink error: Invalid Argument (22)

[Thomas Egerer]

Hi Jeroen,

On 4/19/19 12:21 PM, Jeroen Landheer wrote:
> Hello everyone
>
>  
>
> I did some further investigation, it seems like the certificate isn’t the 
> problem. I tried this with a certificate generated by the PKI tool, and the 
> same messages are still in the log.
Yes, the cert can't be the problem. It's used to authenticate your peer,
whereas the area in which the error occurs is when charon tries to insert
the IPsec states into the kernel.
In the next step you should try to identify the negotiated algorithms.
Set the loglevel for facility 'knl' to 3, see [1] for advice on how to
do that. Also take a close look at your log, check for possible messages
issued by the kernel (trying to load modules etc).
Once we know what fails we can try to use iproute2 to mimic the state
insertion in the kernel and check whether it succeeds.

HTH
Thomas

[1] https://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration

>
>  
>
> Apr 19 12:15:07 fwhq05 charon: 08[IKE] peer requested virtual IP %any
>
> Apr 19 12:15:07 fwhq05 charon: 08[IKE] assigning virtual IP 192.168.8.1 to 
> peer '…'
>
> Apr 19 12:15:07 fwhq05 charon: 08[IKE] peer requested virtual IP %any6
>
> Apr 19 12:15:07 fwhq05 charon: 08[IKE] no virtual IP found for %any6 
> requested by '…'
>
> Apr 19 12:15:07 fwhq05 charon: 08[KNL] received netlink error: Invalid 
> argument (22)
>
> Apr 19 12:15:07 fwhq05 charon: 08[KNL] unable to add SAD entry with SPI 
> c53c8641
>
> Apr 19 12:15:07 fwhq05 charon: 08[KNL] received netlink error: Invalid 
> argument (22)
>
> Apr 19 12:15:07 fwhq05 charon: 08[KNL] unable to add SAD entry with SPI 
> ab3a3b48
>
> Apr 19 12:15:07 fwhq05 charon: 08[IKE] unable to install inbound and outbound 
> IPsec SA (SAD) in kernel
>
>  
>
> So no old kernel, no certificate… what else can it be?
>
>  
>
> Kind regards,
>
>  
>
>  
>
> Jeroen.
>
>  
>
>  
>
>  
>
> *From:*Users  *On Behalf Of *Jeroen 
> Landheer
> *Sent:* Friday, 19 April 2019 11:50
> *To:* Thomas Egerer ; users@lists.strongswan.org
> *Subject:* Re: [strongSwan] Ubuntu 16: Received netlink error: Invalid 
> Argument (22)
>
>  
>
> Thanks for the response Thomas
>
>  
>
> You’re right that this kernel is old, it’s Ubuntu 16.04 so I decided to 
> replace that machine with the much newer Debian 9.8. I’m now on kernel 
> version 4.9.0-8-amd64, but this hasn’t helped. I’m actually thinking this 
> might have to do with the certificate I’m using, since the certificate was 
> generated by a Microsoft Certificate Authority, not the internal PKI tools. I 
> created the private key on the Debian machine using the ipsec pki tool, next 
> I generated a certificate request using that same tool and used this request 
> to let my CA issue a certificate.
>
>  
>
> Here’s some info about the certificate, using the certutil tool on Windows:
>
>  
>
> X509 Certificate:
>
> Version: 3
>
> Serial Number: 3800bda7de55e826a360e200bd
>
> Signature Algorithm:
>
>     Algorithm ObjectId: 1.2.840.113549.1.1.11 sha256RSA
>
>     Algorithm Parameters:
>
>     05 00
>
> Issuer:
>
>     CN=…
>
>   Name Hash(sha1): 02de19ec77e1b73e3ee81fbf33040929b61510af
>
>   Name Hash(md5): 2507479912498e5c82c4d715d6f2b36f
>
>  
>
> NotBefore: 18/04/2019 17:11
>
> NotAfter: 17/04/2021 17:11
>
>  
>
> Subject:
>
>     CN=Company Firewall
>
>     O=Company
>
>   Name Hash(sha1): c1ecb37bbdab3a3e5fd38af556ea105228b463f1
>
>   Name Hash(md5): bc0ce29929023983b116aef799b85701
>
>  
>
> Public Key Algorithm:
>
>     Algorithm ObjectId: 1.2.840.113549.1.1.1 RSA
>
>     Algorithm Parameters:
>
>     05 00
>
> Public Key Length: 4096 bits
>
> Public Key: UnusedBits = 0
>
>       30 82 02 0a 02 82 02 01  00 a1 ea 0d 54 16 07 92
>
>     0010  d9 57 cc 5f 64 1e 6e 03  45 98 ce 23 83 7d 38 a2
>
> …
>
>     01f0  cb 03 95 87 f5 05 f3 09  58 b4 37 52 69 0d 75 e2
>
>     0200  59 c7 55 53 8c bc 31 0f  55 02 03 01 00 01
>
> Certificate Extensions: 9
>
>     2.5.29.17: Flags = 0, Length = 3e
>
>     Subject Alternative Name
>
>     DNS Name=…
>
>     DNS Name=…
>
>     DNS Name=…
>
>  
>
>     2.5.29.14: Flags = 0, Length = 16
>
>     Subject Key Identifier
>
>     18ac7e7d52238f02579e8190ea68f3ce283d9d77
>
>  
>
>     2.5.29.35: Flags = 0, Length = 18
>
>     Authority Key Identifier
>
>     KeyID=82785767ff34df9161f00a37dc4df7a9d387732b
>
>  
>
>     2.5.29.31: Flags = 0, Length = 59
>
>     CRL Distribution Points
>
> 

Re: [strongSwan] Ubuntu 16: Received netlink error: Invalid Argument (22)

[Thomas Egerer]

Hi Jeroen,

don't use that antique kernel unless you have to. Sounds like the IV generator 
issue from [1]:

Note: For kernel versions 4.2-4.5 you will have to select Encrypted Chain IV 
Generator manually in order to use any encryption algorithm in CBC mode.


Hth
Thomas

[1] https://wiki.strongswan.org/projects/strongswan/wiki/KernelModules

On April 17, 2019 7:07:10 PM GMT+02:00, Jeroen Landheer 
 wrote:
>This apears in my log file:
>
>Apr 17 18:43:04 fwhq03 charon: 11[IKE] assigning virtual IP 192.168.8.1
>to peer 'jlan--e.nl'
>Apr 17 18:43:04 fwhq03 charon: 11[KNL] received netlink error: Invalid
>argument (22)
>Apr 17 18:43:04 fwhq03 charon: 11[KNL] unable to add SAD entry with SPI
>cf789c5c
>Apr 17 18:43:04 fwhq03 charon: 11[KNL] received netlink error: Invalid
>argument (22)
>Apr 17 18:43:04 fwhq03 charon: 11[KNL] unable to add SAD entry with SPI
>b651e5ec
>Apr 17 18:43:04 fwhq03 charon: 11[IKE] unable to install inbound and
>outbound IPsec SA (SAD) in kernel
>
>It seems that somehow strongswan can't assign a virtual IP address to
>the peer.
>
>Config:
>
>config setup
>charondebug="all"
>uniqueids=no
>
>conn ikev2-vpn
>auto=add
>compress=no
>type=tunnel
>keyexchange=ikev2
>fragmentation=yes
>forceencaps=yes
>ike=aes256-sha1-modp1024,3des-sha1-modp1024!
>esp=aes256-sha1,3des-sha1!
>dpdaction=clear
>dpddelay=300s
>rekey=no
>left=%any
>  leftid=@vpn.-.---o
>leftcert=/etc/ipsec.d/certs/vpn-server-cert.pem
>leftsendcert=always
>leftsubnet=0.0.0.0/0,::/0
>right=%any
>rightid=%any
> rightdns=192.168.5.2,192.168.5.9,2001:980:aa14:5::2,2001:980:aa14:5::9
>rightsourceip=192.168.8.0/24,2001:980:aa14:8::/64
>rightsendcert=never
>rightauth=eap-mschapv2
>eap_identity=%identity
>
>If I run the check script for the kernel modules, I get this: (this is
>basically a standard ubuntu setup)
>
>CONFIG_XFRM_USER=m
>CONFIG_NET_KEY=m
># CONFIG_NET_KEY_MIGRATE is not set
>CONFIG_INET=y
>CONFIG_INET_AH=m
>CONFIG_INET_ESP=m
>CONFIG_INET_IPCOMP=m
>CONFIG_INET_XFRM_TUNNEL=m
>CONFIG_INET_TUNNEL=m
>CONFIG_INET_XFRM_MODE_TRANSPORT=m
>CONFIG_INET_XFRM_MODE_TUNNEL=m
>CONFIG_INET_XFRM_MODE_BEET=m
>CONFIG_INET_LRO=y
>CONFIG_INET_DIAG=m
>CONFIG_INET_TCP_DIAG=m
>CONFIG_INET_UDP_DIAG=m
>CONFIG_INET6_AH=m
>CONFIG_INET6_ESP=m
>CONFIG_INET6_IPCOMP=m
>CONFIG_INET6_XFRM_TUNNEL=m
>CONFIG_INET6_TUNNEL=m
>CONFIG_INET6_XFRM_MODE_TRANSPORT=m
>CONFIG_INET6_XFRM_MODE_TUNNEL=m
>CONFIG_INET6_XFRM_MODE_BEET=m
>CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION=m
>CONFIG_INET_DCCP_DIAG=m
>CONFIG_IP_ADVANCED_ROUTER=y
>CONFIG_IP_MULTIPLE_TABLES=y
>CONFIG_INET_AH=m
>CONFIG_INET_ESP=m
>CONFIG_INET_IPCOMP=m
>CONFIG_INET_XFRM_MODE_TRANSPORT=m
>CONFIG_INET_XFRM_MODE_TUNNEL=m
>CONFIG_INET_XFRM_MODE_BEET=m
>CONFIG_IPV6=y
>CONFIG_IPV6_ROUTER_PREF=y
>CONFIG_IPV6_ROUTE_INFO=y
># CONFIG_IPV6_OPTIMISTIC_DAD is not set
>CONFIG_IPV6_MIP6=m
>CONFIG_IPV6_ILA=m
>CONFIG_IPV6_VTI=m
>CONFIG_IPV6_SIT=m
>CONFIG_IPV6_SIT_6RD=y
>CONFIG_IPV6_NDISC_NODETYPE=y
>CONFIG_IPV6_TUNNEL=m
>CONFIG_IPV6_GRE=m
>CONFIG_IPV6_MULTIPLE_TABLES=y
>CONFIG_IPV6_SUBTREES=y
>CONFIG_IPV6_MROUTE=y
>CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y
>CONFIG_IPV6_PIMSM_V2=y
>CONFIG_INET6_AH=m
>CONFIG_INET6_ESP=m
>CONFIG_INET6_IPCOMP=m
>CONFIG_INET6_XFRM_MODE_TRANSPORT=m
>CONFIG_INET6_XFRM_MODE_TUNNEL=m
>CONFIG_INET6_XFRM_MODE_BEET=m
>CONFIG_IPV6_MULTIPLE_TABLES=y
>CONFIG_NETFILTER=y
># CONFIG_NETFILTER_DEBUG is not set
>CONFIG_NETFILTER_ADVANCED=y
>CONFIG_NETFILTER_INGRESS=y
>CONFIG_NETFILTER_NETLINK=m
>CONFIG_NETFILTER_NETLINK_ACCT=m
>CONFIG_NETFILTER_NETLINK_QUEUE=m
>CONFIG_NETFILTER_NETLINK_LOG=m
>CONFIG_NETFILTER_NETLINK_GLUE_CT=y
>CONFIG_NETFILTER_SYNPROXY=m
>CONFIG_NETFILTER_XTABLES=m
>CONFIG_NETFILTER_XT_MARK=m
>CONFIG_NETFILTER_XT_CONNMARK=m
>CONFIG_NETFILTER_XT_SET=m
>CONFIG_NETFILTER_XT_TARGET_AUDIT=m
>CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m
>CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m
>CONFIG_NETFILTER_XT_TARGET_CONNMARK=m
>CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=m
>CONFIG_NETFILTER_XT_TARGET_CT=m
>CONFIG_NETFILTER_XT_TARGET_DSCP=m
>CONFIG_NETFILTER_XT_TARGET_HL=m
>CONFIG_NETFILTER_XT_TARGET_HMARK=m
>CONFIG_NETFILTER_XT_TARGET_IDLETIMER=m
>CONFIG_NETFILTER_XT_TARGET_LED=m
>CONFIG_NETFILTER_XT_TARGET_LOG=m
>CONFIG_NETFILTER_XT_TARGET_MARK=m
>CONFIG_NETFILTER_XT_NAT=m
>CONFIG_NETFILTER_XT_TARGET_NETMAP=m
>CONFIG_NETFILTER_XT_TARGET_NFLOG=m
>CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m
># CONFIG_NETFILTER_XT_TARGET_NOTRACK is not set
>CONFIG_NETFILTER_XT_TARGET_RATEEST=m
>CONFIG_NETFILTER_XT_TARGET_REDIRECT=m
>CONFIG_NETFILTER_XT_TARGET_TEE=m
>CONFIG_NETFILTER_XT_TARGET_TPROXY=m
>CONFIG_NETFILTER_XT_TARGET_TRACE=m
>CONFIG_NETFILTER_XT_TARGET_SECMARK=m
>CONFIG_NETFILTER_XT_TARGET_TCPMSS=m
>CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m
>CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m
>CONFIG_NETFILTER_XT_MATCH_BPF=m
>CONFIG_NETFILTER_XT_MATCH_CGROUP=m
>CONFIG_NETFILTER_XT_MATCH_CLUSTER=m

Re: [strongSwan] Debug CFG_* messages (especially TSr and TSi)

[Thomas Egerer]

Hi IL Ka,




On 4/7/19 4:49 PM, IL Ka wrote:
> Hello.
>
> What is the best way to debug TSi and TSr messages?
> I want to see CFG_REQUEST/CFR_REPLY conversation between server and client (I 
> am interested in TS and INTERNAL_IP4_* messages), but did not find any option 
> for that in charondebug
try loglevel 'enc = 3', this gives you tons of output from
the packets parsed by charon.

>
> I wish there were an option to show debug like it is written in RFC5996:
By the way 5996 has been obsoleted by RFC 7296.
>    CP(CFG_REPLY) =
>      INTERNAL_IP4_ADDRESS(198.51.100.234)
>      INTERNAL_IP4_SUBNET(198.51.100.0/255.255.255.192 
> )
>      INTERNAL_IP4_SUBNET(192.0.2.0/255.255.255.0 
> )
>    TSi = (0, 0-65535, 198.51.100.234-198.51.100.234)
>    TSr = ((0, 0-65535, 198.51.100.0-198.51.100.63),
>           (0, 0-65535, 192.0.2.0-192.0.2.255))
>
> Could be very useful both for debugging and understanding IKEv2.
>
>
> Thank you in advance,
> Ilya.
>
> 
>   Без вирусов. www.avg.com 
> 
>
> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

hth
Thomas

Re: [strongSwan] Migrating to swanctl.conf

[Thomas Egerer]

Hi Dirk,


On 02/22/2018 10:33 AM, Dirk Hartmann wrote:
> Hi,
> 
> so the other migration I'm planning is to move to swanctl.conf/VICI-Plugin.
> 
> As it is possible to run both plugins stroke and VICI at the same time at the 
> same server, is this a good idea?From my understanding of the code you should 
> be fine running
both plugins simultaniously. 

> 
> It would definitely ease the migration if I could simply migrate our 
> approximately 250 connections from ipsec.conf to swanctl.conf one by one.
> 
> My question is, is this advisable?
Each plugin has its own config backend and as long as the
names of your configurations don't clash I don't see a
problem. However, Tobias knows the code much better and
might still object ;)
> Best regards
> Dirk

Cheers and good luck for the migration
Thomas

Re: [strongSwan] "id ... not confirmed by certificate, defaulting to" ... and "no matching peer config found"

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hello Thomas,

On 11/12/2017 09:07 AM, Thomas J. Webb wrote:
> I setup an Ubuntu machine using the same instructions that worked for me 
> before but am unable to connect from Mac OS X. I notice that on startup, 
> ipsec gives me this error (replacing actual domain with "example.com"):
> 
> reusing virtual IP address pool 2002:25f7:7489:3::/112
> Nov 12 16:46:30 ik1-327-23579 charon: 15[CFG]   loaded certificate "C=NL, 
> O=Example Company, CN=vpn.example.com" from 'vpnHostCert.der'
> Nov 12 16:46:30 ik1-327-23579 charon: 15[CFG]   id 'vpn.example.com' not 
> confirmed by certificate, defaulting to 'C=NL, O=Example Company, 
> CN=vpn.example.com'
This indicates that the ID you configured in your ipsec.conf
does not match the one from the cert. You can see it both ways:
distinguished name misconfigured, or ipsec.conf's leftid wrong.
However, it's much easier to reconfigure the leftid in your
ipsec.conf. See the section about leftid/rightid in [1] for
how to configure your local/remote IDs.
The error below has most likely the same origin: charon is
looking for a peer configuration using the rightid you
(mis)configured while your peer's certificate is in another
name. Again, try to reconfigure your IDs using [1].
> 
> Based on what I read earlier on this list and elsewhere, it could be 
> something wrong with how I made the cert. Here's the command I used to 
> generate vpnHostCert.der (also replacing real ip with 1.2.3.4):
> 
> ipsec pki --pub --in private/vpnHostKey.der --type rsa | ipsec pki --issue 
> --lifetime 730 --cacert cacerts/strongswanCert.der --cakey 
> private/strongswanKey.der --dn "C=NL, O=Example Company, CN=vpn.example.com" 
> --san vpn.example.com --san 1.2.3.4  --san @1.2.3.4  --flag serverAuth --flag 
> ikeIntermediate --outform der > certs/vpnHostCert.der
> 
> And verifying that it has the san:
> 
> ipsec pki --print --in certs/vpnHostCert.der
> cert:  X509
> subject:  "C=NL, O=Example Company, CN=vpn.example.com"
> issuer:   "C=NL, O=Example Company, CN=strongSwan Root CA"
> validity:  not before Nov 12 16:58:45 2017, ok
>not after  Nov 12 16:58:45 2019, ok (expires in 729 days)
> ...
> altNames:  vpn.example.com, 1.2.3.4, 1.2.3.4
> flags: serverAuth iKEIntermediate
> ...
> 
> openssl also shows what I think is the right data?
> 
> openssl x509 -inform DER -in certs/vpnHostCert.der -noout -text
> ...
> Subject: C=NL, O=Example Company, CN=vpn.example.com
> ...
> X509v3 Subject Alternative Name:
> DNS:vpn.example.com, IP Address:1.2.3.4, DNS:1.2.3.4
> 
> If I change leftid in /etc/ipsec.conf to have the whole "C=NL, O=Example 
> Company, CN=vpn.example.com" instead of just vpn.example.com, I don't get the 
> "not confirmed by certificate" message, but am still unable to connect. And I 
> don't get how it's unable to match the domain with the CN in the message.
> 
> When I try to connect it's not clear to me what the error is, but I'm 
> guessing it's "no matching peer config found":
> 
> Nov 12 16:52:49 ik1-327-23579 charon: 01[CFG] ike config match: 0 (1.2.3.4 
> 5.6.7.8 IKEv2)
> Nov 12 16:52:49 ik1-327-23579 charon: 01[CFG] no matching peer config found
> Nov 12 16:52:49 ik1-327-23579 charon: 01[IKE] processing INTERNAL_IP4_ADDRESS 
> attribute
> Nov 12 16:52:49 ik1-327-23579 charon: 01[IKE] processing INTERNAL_IP4_DHCP 
> attribute
> Nov 12 16:52:49 ik1-327-23579 charon: 01[IKE] processing INTERNAL_IP4_DNS 
> attribute
> Nov 12 16:52:49 ik1-327-23579 charon: 01[IKE] processing INTERNAL_IP4_NETMASK 
> attribute
> Nov 12 16:52:49 ik1-327-23579 charon: 01[IKE] processing INTERNAL_IP6_ADDRESS 
> attribute
> Nov 12 16:52:49 ik1-327-23579 charon: 01[IKE] processing INTERNAL_IP6_DHCP 
> attribute
> Nov 12 16:52:49 ik1-327-23579 charon: 01[IKE] processing INTERNAL_IP6_DNS 
> attribute
> Nov 12 16:52:49 ik1-327-23579 charon: 01[IKE] processing (25) attribute
> Nov 12 16:52:49 ik1-327-23579 charon: 01[IKE] received 
> ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
> Nov 12 16:52:49 ik1-327-23579 charon: 01[IKE] peer supports MOBIKE
> Nov 12 16:52:49 ik1-327-23579 charon: 01[ENC] generating IKE_AUTH response 1 
> [ N(AUTH_FAILED) ]
> Nov 12 16:52:49 ik1-327-23579 charon: 01[NET] sending packet: from 
> 1.2.3.4[4500] to 5.6.7.8[4500] (76 bytes)
> Nov 12 16:52:49 ik1-327-23579 charon: 01[MGR] checkin and destroy IKE_SA 
> (unnamed)[2]
> Nov 12 16:52:49 ik1-327-23579 charon: 01[IKE] IKE_SA (unnamed)[2] state 
> change: CONNECTING => DESTROYING
> Nov 12 16:52:49 ik1-327-23579 charon: 01[MGR] check-in and destroy of IKE_SA 
> successful
> Nov 12 16:52:49 ik1-327-23579 charon: 09[NET] sending packet: from 
> 1.2.3.4[4500] to 5.6.7.8[4500]
> Nov 12 16:52:49 ik1-327-23579 charon: 06[NET] waiting for data on sockets
> Nov 12 16:53:18 ik1-327-23579 charon: 14[MGR] checkout IKE_SA
> 
> Does anyone have an idea what I'm doing wrong or any hint where to look?

Cheers,
Thomas


[1] 

Re: [strongSwan] SHA1 vs SHA256

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi Dusan,

On 08/06/2017 08:13 PM, Dusan Ilic wrote:
> Hi Thomas,
> 
> I haven't upgraded it cause that's not an option, both endpoints are routers 
> with Linux embedded.
> Below is the output after some pings from both sides.
> 
> Strongswan 5.5.2
> 
> ip -s x s s
> src 85.24.241.x dst 94.254.123.x
> proto esp spi 0xce291943(3458799939) reqid 1(0x0001) mode tunnel
> replay-window 0 seq 0x flag nopmtudisc af-unspec (0x00100100)
> auth-trunc hmac(sha256) 
> 0xc45dd8403c10cfd32f8fe74003cc80a309b7a0decb185826ef62ac1763ae4bcd (256 bits) 
> 128
> enc cbc(aes) 
> 0x0abb9115383986028a844ff1e71bd0f55aa22099d76785b288803ed7204aa23e (256 bits)
> lifetime config:
>   limit: soft (INF)(bytes), hard (INF)(bytes)
>   limit: soft (INF)(packets), hard (INF)(packets)
>   expire add: soft 2762(sec), hard 3600(sec)
>   expire use: soft 0(sec), hard 0(sec)
> lifetime current:
>   1416(bytes), 25(packets)
>   add 2017-08-06 20:08:26 use 2017-08-06 20:08:31
> stats:
>   replay-window 0 replay 0 failed 0
> src 94.254.123.x dst 85.24.241.x
> proto esp spi 0xc9359a4e(3375733326) reqid 1(0x0001) mode tunnel
> replay-window 32 seq 0x flag nopmtudisc af-unspec (0x00100100)
> auth-trunc hmac(sha256) 
> 0xfe9408ba634fe4276972fa79c9b60f12bffc766434298cb25738396d2b94dda9 (256 bits) 
> 128
> enc cbc(aes) 
> 0x1fd6fd06781cee3bab6ed97a2f01793eded22f7360691430fdfb604c4e424066 (256 bits)
> lifetime config:
>   limit: soft (INF)(bytes), hard (INF)(bytes)
>   limit: soft (INF)(packets), hard (INF)(packets)
>   expire add: soft 2895(sec), hard 3600(sec)
>   expire use: soft 0(sec), hard 0(sec)
> lifetime current:
>   0(bytes), 0(packets)
>   add 2017-08-06 20:08:26 use 2017-08-06 20:08:28
> stats:
>   replay-window 0 replay 0 failed 49
^^- this indicates a crypto-
graphic error with the received packets. As suspected in this thread
before, your peer -- which by the way has a very very sparse iproute2
output, did it get truncated -- most likely uses sha256 with a 96 bit
truncation.
- From quickly reading this entire thread I did not whether you have
tried the following proposal on both sides:

esp=aes128-sha256_96-modp2048!

Is building your own strongswan instance for the regular linux box an
option for you?

Cheers, Thomas
> 
> Strongswan 5.2.2
> 
> ip -s x s s
> src 94.254.123.x dst 85.24.241.x
> proto esp spi 0xc9359a4e(3375733326) reqid 1(0x0001) mode tunnel
> 
> Den 2017-08-06 kl. 16:49, skrev Thomas Egerer:
> Hello Dusan,
> 
> if you haven't yet updated your kernel, we might shed some light on
> the problem. Set up the tunnel with SHA256 and send a couple of
> packets from both sides. Then provide the output of
> 'ip -s x s s'
> 
> Cheers,
> Thomas
> 
> 
> On 08/04/2017 12:23 PM, Dusan Ilic wrote:
>>>> Hello!
>>>>
>>>> I have a strange issue, with both settings below the tunnel goes up as it 
>>>> should, but only with SHA1 in ESP traffic goes through. When I ping the 
>>>> remote client with ESP SHA256 it times out, even though the tunnel reports 
>>>> as being up by Strongswan.
>>>>
>>>> Traffic working:
>>>>
>>>> ike=aes256-sha256-modp2048!
>>>> esp=aes128-sha1-modp2048!
>>>>
>>>> Traffic not working:
>>>>
>>>> ike=aes256-sha256-modp2048!
>>>> esp=aes256-sha256-modp2048!
>>>>
>>>> Below combo doesn't work either:
>>>>
>>>> ike=aes256-sha256-modp2048!
>>>> esp=aes128-sha256-modp2048!
>>>>
>>>>
>>>> Also, are above settings good? I'm having AES128 on ESP because with 
>>>> AES256 I loose too much througput. Do you have any suggestions for change?
>>>>
>>>>
> 

-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJZiWqTAAoJEGK31ONirBTGwM4P/09h6ueOW0FyL+ajqr2HfwA6
ubk9vbcGAZg4AlBcwgkg46lABucWWLhMN1ayaRNaLiK5pvn5pqYHOB0gk6RivDQg
gfj9koQlYrQQ2KHUt6ZOrosKSW2jzoIjz4U/aeOuI+ScHfTHuzLgSwmAi/qB17Ov
/i6Jbx25aChb+ioms4BmkQpacY37Shuq09sAh1coVZC7JMDEpsKvpsPhCV+dCWUM
FxBZOZJeWNVKPILPstF/zyc4nJFzvWssUEutJ/1tpUd8Mlehrt3xc78HbcLru5In
JWYAKLg1qjSd5nmlqJQ2at2uwOf3wfdykBZkGjVWsDGGtoLGA6+T8XMyKML0byhC
jR5+8I2NKLdtiPOoM1NbchZKjCCBR2zqNOsI833pEiqmFpjFfp4+gWqmmC0uR9cM
DAPbMCrckA6rhisqphT2i0tRAhnh4sqxCa1TjwuR+BcNWm+KKiIkhaP4NvfmHoH1
IVzZzHVCkr5/qJGOBCJM2Jc0ONI79e0xe26f4SJDn3sfEMsO5lxbM5cvN2XiZ8J7
Wu5f8aytiR4wLKHCRGvqw4hqaj0hoR505+jq4Ywos3GnEM5ylOoxLgEHT169aou+
vL1VwKYehCfQFKwI0uL70dOj3ASyjuR1dIEEBFgNL2xbGfJVEMZ1Rm7SMZb2hHph
UchHB0r5u4A2AcuTVBDR
=X/NO
-END PGP SIGNATURE-

Re: [strongSwan] SHA1 vs SHA256

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hello Dusan,

if you haven't yet updated your kernel, we might shed some light on
the problem. Set up the tunnel with SHA256 and send a couple of
packets from both sides. Then provide the output of
'ip -s x s s'

Cheers,
Thomas


On 08/04/2017 12:23 PM, Dusan Ilic wrote:
> Hello!
> 
> I have a strange issue, with both settings below the tunnel goes up as it 
> should, but only with SHA1 in ESP traffic goes through. When I ping the 
> remote client with ESP SHA256 it times out, even though the tunnel reports as 
> being up by Strongswan.
> 
> Traffic working:
> 
> ike=aes256-sha256-modp2048!
> esp=aes128-sha1-modp2048!
> 
> Traffic not working:
> 
> ike=aes256-sha256-modp2048!
> esp=aes256-sha256-modp2048!
> 
> Below combo doesn't work either:
> 
> ike=aes256-sha256-modp2048!
> esp=aes128-sha256-modp2048!
> 
> 
> Also, are above settings good? I'm having AES128 on ESP because with AES256 I 
> loose too much througput. Do you have any suggestions for change?
> 
> 

-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJZhyx2AAoJEGK31ONirBTGzcsP/1V6Ej3yIVM0YC4rcghhvlDs
YMrjrUJgQV98S9Vu52a/SF3bddJ7YlG1LawboQAQqW5j2dYugDubDdULmWEHwUwb
BdlY7RURKh5pDK+xYwgzuLrFmZtSddKfsDzzv5Ii9VmG1VkM+yyeqBqZn2DfeWeX
K1JFe9AvI+5sFcwciLdh3SxRMI3rEKZTj17LnqLS/EMJoOn+jqmhBGGPkBkJDSOn
VVRVh5atnPcM/CUsNoTF18pvhttejsD3aZSGpKvowQPuj6fut+aVn9ANnXodsME1
tITleiiRSWOYrKT66wC5Yo23GhaMXBQWjGWd1r5z+FP4EVzRH6Ofia6QwNGHF71H
t6ZN2ndBRjk1nQYHu7UdUKT/PECsxTn1sWCKHpgv6cSnWzVe0NULEgWsZ3+kv5R7
g4R+lSiPWcBXTz+jSYmVP9y4WnkDIKg1aHHhkCI/m/crNSGKuLZkyDsGHmxzC2+f
lXawcBX1y3P5lvAgHM8M541MA5AwJ5ZUtLoL8o6ME6mP+ojqhm0y4iC1CTUXLiq/
vl/LvZbYYym03LhMyFkFNAmQZ0I7eJJJsXOpLDa75s1ZqsGITwJWRvE3/Lng2fq7
2RVIiMLsScxC9T6roU5cQ/TlcmIIvD4UN4o5WR8V6Vu3RLJrrzUDJE7ypNevmxKa
GZwdsPHqskLfafxSG2X5
=vURY
-END PGP SIGNATURE-

Re: [strongSwan] Error while running Charon

[Thomas Egerer]

Rajeev,

I guess, the config option '--enable-monolithic' option
builds charon with all plugins compiled into one binary
blob. Try and remove this option. Then remove the
load_modular option from your strongwan.conf, or place
the configuration snippets in your file system as
described in [1]. Then of course, you would have to
remove the load keyword from your strongswan.conf.

Cheers,
Thomas

[1] https://wiki.strongswan.org/projects/strongswan/wiki/Strongswandirectory

On 10/18/2016 04:37 PM, rajeev nohria wrote:

Noel,

I still having issue after going through many hit and trial method to
fix this,

root@Xilinx-ZCU102-2016_1:~# charon
00[DMN] Starting IKE charon daemon (strongSwan 5.5.0, Linux 4.4.0, aarch64)
00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet
dependency: NONCE_GEN
00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon'
has unmet dependency: HASHER:HASH_SHA1
00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon'
has unmet dependency: HASHER:HASH_SHA1
00[LIB] failed to load 3 critical plugin features
00[DMN] initialization failed - aborting charon


Makefile:

CONF_OPTS +=  --disable-gmp --enable-monolithic --enable-openssl
--enable-pkcs11 --enable-vici --enable-x509 --enable-nonce




strongswan.conf
# strongswan.conf - strongSwan configuration file
#
# Refer to the strongswan.conf(5) manpage for details
#
# Configuration changes should be made in the included files

swanctl {
  load = pem pkcs1 x509 revocation constraints pubkey openssl random
}

charon {
load_modular = yes
 load = sha1 pem pkcs1 x509 revocation constraints pubkey openssl random
nonce curl kernel-netlink socket-default updown vici

plugins {
include strongswan.d/charon/*.conf
}
}

 filelog {
/var/log/charon.log {
# add a timestamp prefix
time_format = %b %e %T
# prepend connection name, simplifies grepping
ike_name = yes
# overwrite existing files
append = no
# increase default loglevel for all daemon subsystems
default = 10
# flush each line to disk
flush_line = yes
}
stderr {
# more detailed loglevel for a specific subsystem,
overriding the
# default loglevel.
ike = 4
   cfg = 4
   asn = 4
   app = 4
tls = 4
 esp = 4
chd = 4
knl = 0

}
}


On Sat, Oct 8, 2016 at 7:41 PM, Noel Kuntze > wrote:

Hello Rajeevm
>
> 00[DMN] Starting IKE charon daemon (strongSwan 5.5.0, Linux 4.4.0, 
aarch64)
> 00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet 
dependency: NONCE_GEN
> 00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon' has 
unmet dependency: HASHER:HASH_SHA1
> 00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon' 
has unmet dependency: HASHER:HASH_SHA1
> 00[LIB] failed to load 3 critical plugin features
> 00[DMN] initialization failed - aborting charon

You need the sha1 or the openssl plugin, as well as the nonce plugin.
Please use google[1] next time.

[1]

https://encrypted.google.com/search?hl=en=site%3Awiki.strongswan.org%20%22libcharon%20in%20critical%20plugin%20%27charon%27%20has%20unmet%20dependency%3A%20NONCE_GEN%22



--

Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658





___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users



___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Remove default policy

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On March 23, 2016 4:02:48 AM GMT+01:00, Naveen Neelakanta 
 wrote:
>Hello,
>
>Is it possible to configure strongswan not to add the below default
>policy rules.
>I am running strong swan in TEST namespace on linux and i don't see
>the arp working from the root name space to namespace interface.  I
>would like to know why ARP between the root namespace and Test
>namespace is not working if i have the below policy rules. i have used
>veth pair to connect namespace and root .
>
>src 0.0.0.0/0 dst 0.0.0.0/0
>socket in priority 0
>src 0.0.0.0/0 dst 0.0.0.0/0
>socket out priority 0
>src 0.0.0.0/0 dst 0.0.0.0/0
>socket in priority 0
>src 0.0.0.0/0 dst 0.0.0.0/0
>socket out priority 0
>src ::/0 dst ::/0
>socket in priority 0
>src ::/0 dst ::/0
>socket out priority 0
>src ::/0 dst ::/0
>socket in priority 0
>src ::/0 dst ::/0
>socket out priority 0
>
>Thanks,
>Naveen
>___
>Users mailing list
>Users@lists.strongswan.org
>https://lists.strongswan.org/mailman/listinfo/users

These socket policies are essential to charon to bypass the xfrm stack of the 
kernel. You cannot remove them.


Thomas
- --
Sent from a mobile device. Please excuse my brevity.
-BEGIN PGP SIGNATURE-
Version: APG v1.1.1

iQI+BAEBCgAoBQJW8kRlIRxUaG9tYXMgRWdlcmVyIDxoYWtrZV8wMDdAZ214LmRl
PgAKCRBit9TjYqwUxvBVEACdETVLmjCn8xo61I85f6ixlMq9SCYqu2p/xxNZ/J/3
qHdl/6ngqFhVoSaPvI3jXSMjElSlrU3I+AcmHYLyPLDBwXZPLJ91mmn1A6eJCEBq
7Q6jd9Xk5KfnYpzR5gyNyDjoyWXXwfKBwO+3U68wZs4f8nk9BEDIxHLGDQaVoYxu
yBHQqrTM9gKzejk9tHTbaRGdKRsALBngRFhPLW4NCSC6AkGTi1/S/nku8tm40IEu
aV4k3sNN4ivCoYb0ksiqHlzeVs23I3dokpR2NMFtxtW3VUwZUmlngrOjuAntc1M+
dZ3qwOsXknI1diwMZMPRVnjDgGqdAwjtGPy76xLZpkFhVtAdJAweNwhnFtCwo+k/
3JMF0JmE7ZPhYMT7U5eGq+ed5qxEffcFMSNgMZgsObP/HJj1m7+1IAbAon+sc2Lf
cN21Ja9EJ4Wf/E8OleBIRiESmUKvzFH5q+iix5EWJ/U93y1OqDOEIcK+o7yOyiGX
POAfsT43YfYiIS18QCQNtpK3xZNDygUND27/OyoZwMeY3KAqO2AiOonHzI4yACyr
CaN4V/5gmd/zszhIegEC4FgqBd2GfhJP90/Cuk2yTrKMADtNWNes4CXU9juEFHXj
6fOpI98DjB1b2tEctEHL8o2u+HBF876i9blmOzqKwYqmV7W7iIo4LP8H61U6/OeB
xw==
=MF5U
-END PGP SIGNATURE-

___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] syntax error, unexpected $end, expecting NAME or NEWLINE or '}' [`]

[Thomas Egerer]

Hi Nicolas,

On 03/03/2016 12:23 PM, Nicolas Göddel wrote:
> Hi @ all,
> 
> I just upgraded my strongswan installation to version 5.3.5. Before I used
> strongswan version 5.1.2 directly from the ubuntu repository.
> 
> After "make" and "make install" it all works, but only for a day. Now I get 
> this
> error:
> 
> syntax error, unexpected $end, expecting NAME or NEWLINE or '}' [`]
> invalid config file '/etc/strongswan.conf'
> 
> The content of '/etc/strongswan.conf' is:
> 
> # strongswan.conf - strongSwan configuration file
> #
> # Refer to the strongswan.conf(5) manpage for details
> #
> # Configuration changes should be made in the included files
> 
> charon {
> load_modular = yes
> plugins {
> include strongswan.d/charon/*.conf
> }
> }
Since your strongswan.conf file looks fine, maybe one of the included
files is misformatted. Go ahead and check that.

Cheers,
Thomas
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] what's the expression of a range of address?

[Thomas Egerer]

Hi Tony,

On 02/25/2016 05:03 AM, Tony.He 賀雙鳳 wrote:
> Hi,
> 
>Here is the topology.
>local subnet 192.168.1.0/24 -GW A ---InternetGW B – local subnet 
> 192.168.2.0/24.
>I want to only allow hosts whose IP addresses in a range to be part of 
> the tunnel. For example, 192.168.1.2-192.168.1.8 are allowed
>in site A and 192.168.2.3-192.168.2.11 are allowed in site B. Can 
> anyone tell me how to configure? Thanks in advance.
> 
> Best regards
> Tony
Try playing around with prips [1], this could help you dividing your
ranges into subnets/hosts. They can be configured as list of subnets
in. As for site A you would use

'leftsubnet=192.168.2.3,192.168.2.4/30,192.168.2.8/30'

likewise for site B:

'rightsubnet=192.168.1.2/31,192.168.1.4/30,192.168.1.8'

That's definitely no very convinient way. The alternative, using
firewall rules might come in more handy.

Cheers,
Thomas

[1] http://manpages.ubuntu.com/manpages/raring/man1/prips.1.html

___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Site to Site VPN configuration using multiple traffic selectors

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hello Heiner,

On 02/20/2016 03:17 AM, Chris Buechler wrote:
> On Fri, Feb 19, 2016 at 6:17 AM, Erne, Heiner  wrote:
>> Hello,
>>
>> I would like to ask how to configure with strongSwan a site to site
>> configuration with multiple traffic selectors in one IKE setup, e.g.
>>
>> Site1  ßà Site 2
>>
>> Traffic selector 1 (shall have one ESP tunnel with this traffic selector)
>>
>> 192.168.1.0/24   <->
>> 172.16.1.0/24
>>
>> Traffic selector 2 (shall have another ESP tunnel with this traffic
>> selector)
>>
>> 192.168.3.0/24   <->
>> 172.16.3.0/24
>>
> 
> They're specified as comma-separated values (for IKEv2) in leftsubnet
> and rightsubnet. So for that example, something like:
> leftsubnet=192.168.1.0/24,192.168.3.0/24
> rightsubnet=172.16.1.0/24,172.16.3.0/24
Please note, that this results in the following configured traffic flows:

192.168.1.0/24 <-> 172.16.1.0/24
192.168.1.0/24 <-> 172.16.3.0/24
   
192.168.3.0/24 <-> 172.16.1.0/24
192.168.3.0/24 <-> 172.16.3.0/24

Judging from your picture this may not necessarily be what you want.

Thomas
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 

-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJWyCmsAAoJEGK31ONirBTG8OUP+gN09DcfOOqkLnidFnH2vs6a
saBjwokGGCRS3ihcwPFdzbhFvj22TyuIORuC4DAZjHkJjlJJiMF4lPyDVwpucNB6
T7VClJt6g2Oivy1DbONKyceAS/1XRJM5kOnK9ig9vK5loJ/Ksruq5PqDRDhyYFSS
9kN3KDRiASXvTwvJdAURKQZSQmdKhsg3+uL94rN1+OrRwCCyBtOjpRtbTLO3hTXD
3/VhDvSZBrWe3SijBevEx0xagYeVd9C/DRpgKsuTwjnvL3ip4PZnYxXtRJDoAlPK
Cu3WcJYkGGIgri9604K0ou65eyZq62uANAfbjfYS1O2+gLhmoAdpeXHxsiX0M7f9
xcMnB+xCseZ7yr2QHDmLPIUlvKX5SYEvYmq5HBU1zRX1SpmPR43lyVw3cn3+r9mh
fUFInk+IZqQouyuC/KnNF0ml3FUOIMt8mBBtI31AodUO+2TFJvIFzje7vDjCm/nR
CgnNIALL5AlABxQO1xDF7wqaHJ18IyubbV/0IDNEqURsq2wTVd9r9WAWxXrwlNQy
9FI6S+n4G8YfszzqCPW0GYUMe+Zs6BaiDgROD2w4Fqywa52zdD0OlL7IR5n1DWHO
Lfk2I8s7EklMMMrC03bLh9ZSnBWnGOKL2ZG0H1cOQwtTc7flFlC0HQna84UL2GEY
YyUstf7yQ7j/Un6T1x6I
=BFJE
-END PGP SIGNATURE-
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] IKE cookies printed in reverse order compared to ipsec statusall.

[Thomas Egerer]

Nanda,

On 02/18/2016 03:37 PM, Noel Kuntze wrote:
> Hello Nanda,
> 
> Please always send the email to the mailing list, too.
> 
>> Hi Noel,
>>
>> Thank you. 
>> I could figure out that it is  at
>> strongswan-5.2.2/src/libstrongswan/utils/utils.c + 925  that we print the 
>> bytes in the logs.
>> Could you please show me if there are any other endianness conversion done 
>> like here?
That's way off! Try the attached patch.

>> buffer is represented as a char array.
>> Any help appreciated
>>
>> Regards,
>> Nanda
> I don't work with the source code, so I can't tell you without looking at the 
> sources myself.

Cheers,
Thomas

>From 20332508bf5a688df9c7d3d820642e8980444819 Mon Sep 17 00:00:00 2001
From: Thomas Egerer <hakke_...@gmx.de>
Date: Thu, 18 Feb 2016 16:29:59 +0100
Subject: [PATCH 1/2] stroke: List IKE-SPIs in network byte order

Signed-off-by: Thomas Egerer <hakke_...@gmx.de>
---
 src/libcharon/plugins/stroke/stroke_list.c | 7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/libcharon/plugins/stroke/stroke_list.c b/src/libcharon/plugins/stroke/stroke_list.c
index 14233c9..a7ee6db 100644
--- a/src/libcharon/plugins/stroke/stroke_list.c
+++ b/src/libcharon/plugins/stroke/stroke_list.c
@@ -120,6 +120,7 @@ static void log_ike_sa(FILE *out, ike_sa_t *ike_sa, bool all)
 
 	if (all)
 	{
+		u_int64_t spi_i, spi_r;
 		proposal_t *ike_proposal;
 		identification_t *eap_id;
 
@@ -135,11 +136,13 @@ static void log_ike_sa(FILE *out, ike_sa_t *ike_sa, bool all)
 
 		ike_proposal = ike_sa->get_proposal(ike_sa);
 
+		htoun64(_i, id->get_initiator_spi(id));
+		htoun64(_r, id->get_responder_spi(id));
 		fprintf(out, "%12s[%d]: %N SPIs: %.16"PRIx64"_i%s %.16"PRIx64"_r%s",
 ike_sa->get_name(ike_sa), ike_sa->get_unique_id(ike_sa),
 ike_version_names, ike_sa->get_version(ike_sa),
-id->get_initiator_spi(id), id->is_initiator(id) ? "*" : "",
-id->get_responder_spi(id), id->is_initiator(id) ? "" : "*");
+spi_i, id->is_initiator(id) ? "*" : "",
+spi_r, id->is_initiator(id) ? "" : "*");
 
 
 		if (ike_sa->get_state(ike_sa) == IKE_ESTABLISHED)
-- 
2.6.4

___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Python VICI

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi Sam,

On 02/16/2016 09:24 PM, Sam Johnson wrote:
> Hello all!
> 
> I have been using the python VICI library with a lot of success, but I am
> running into one minor issue. I have a lot of connections setup (~70k), and
> I want to be able to list the status of a single connection. I saw on the
> python documentation that `list_conns` takes a filter argument. Per the
> documentation on Vici I have this function call:
> 
 conn_gen = s.list_conns({"ike": ['29709fce5f05498bbfe57a560524c712']})
 len(list(conn_gen))
> 72209
> 
> For some reason it is still returning every single connection. I obviously
> can iterate through this and grab the one I want, but the initial
> load_conns takes a long time (5-10 seconds). I was hoping that by filtering
> to the connection I wanted it would return quicker.
try omitting the array:
> conn_gen = s.list_conns({"ike": '29709fce5f05498bbfe57a560524c712'})
maybe this helps.

Cheers,
Thomas

-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJWw44IAAoJEGK31ONirBTG7tQQAKaNrKiK9unru8hFBFQu4XtK
sdeXZyLM3QTx9uolltJ1UrkYpKM7Ot8w6fWWMSvFduD1t1+JioEGnlLJMEqrvibd
O54D04LJBr1D27WWMYjdaOOzUX0mV+/viJoy7F3vaEIRgz4pMu7/lBMFb45ui6xm
eOsreZwiUGWKkojlSyjjrQHuGvILDrC5eAiKfgIC9THn8bfcAxC1dn+N00fUcUO+
bEuq8+B+D3h8noqy8twOJN7xIVHg1uqIbUcDK/VlSkzT0TR3RvfG7fYC6FP55GtK
d8JmD9ISNXiWypGju4Vz7p+4kEnZqQxgtwIHaMOEgcnxofHp5g2Hnz0/QDWkMph3
StrEM7xR0CI7GsXV9as7TAwW0agCRvSdw0Qc8mpeV3ZrffUdILNVg2JreG5OzF4j
eO+su+BUUan6jm2K11/Kya55r5VF+opV52frQO4Qy8/tf/ZnR//I6aB7xw+167Q6
QRxUeToHF2aWFRwgXsiy4xZB8elzjfL82diNi7zuEV/QuynIWbfmFfLOQFB1lSNS
DKsFydliHpTo0g1RsGbLx5nxa0IxwhLzRs3TB8Vab8VbWtET7sOmRhuI8bC1F5Mg
/CmbSNULW9tHsda2JDG5dKqVA2So3eEKtrYLy+dxvukKVF1OMDVKEGyJi7UUpjpY
R5KXaJkNPLDeBKJQ7o/s
=MA9r
-END PGP SIGNATURE-
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] fail open mode for strongswan

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi Matt,

no, that's afaik not possible. Why would you want to transmit data in plain
if you configured a tunnel/transport mode SA for it?

Cheers,
Thomas


On 02/09/2016 07:23 PM, Matthew Boedicker wrote:
> Are there any configuration settings that can make strongswan "fail open"
> when in host-to-host transport mode? It would try to negotiate an encrypted
> connection but fall back to communicating in the clear if the encryption
> failed for some reason.
> 
> Thanks.
> 
> 
> 
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 

-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJWujBnAAoJEGK31ONirBTGwREQALbT9RqqkDV+dzw7J7SDuuMm
xPeaL+KhXjXUSu9xpiPIfF7V9jgGcj8lCbhJkhqEA6ds2oNlx+osytKB3D/IoRjH
fJ4Lb8/Ow+ttbgoGGDlFOLfe/eC1bLxQDAYJRGeBIN8DPNFYormXJUSoq7EBuTtC
GHcKulKCBePqu0ofjD+seojOwPGuW5oy6A4vvUHkirV8+3o9X6aZ8F/nKZ2DAiTC
uUw4Bc/7pzUl39qwd1BQY4RSzBEi8ToowKAJ2Y+yUJKE/bl0VPFlkTUMOPOdZpi0
CXRvmVdQeyPb8O54TcfH2HMa1qLvugcF+7ArWQfTnwrRSAgWvWuEtg+cUoSIGwCo
SCN6+p3pRYWriIDJa4bfMhIpKep/pBvz1bc6I43zGyvwU+/GyUwxGhzDbz7//cqi
PlXm5Zt472lbaIwjS7tnwSV8GsUlSyTBRzdLAHy2tbhPTleav74LkY+U6tIOTcdJ
9BXdPV9/SKnf4QCvFE+UQR2HfK14s9Jt7nHSM72DtCzciAX6jCL9pavh5Wo6COz7
PLgA2O+re70ZuxtYQOmq3W8q2rgUeJ64HzHEIf7kz1xBUrvJ+OXMaBpI5ZPk9i6n
OdFOhv6slwSmy+T/1TWpAhCar93f+YglIf/br5MnqXfuweT22G31UEiR29IAJ0PZ
uJSMneczq5dvghLczP0k
=r95a
-END PGP SIGNATURE-
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] DH group for key exchange is undefined

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Michael,

can you provide the charon load-tester log with facility enc set to log
level 3, see [1], and the pcap file from your cisco device (one IKE_INIT
exchange should do).

Thomas

[1] https://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration

On 01/31/2016 09:12 AM, Michael Chan wrote:
> I ran this against a cisco device. I looked at the packet capture and it
> shows that the key exchange DH group is undefined. Has anyone tried with
> load-tester on 5.3.5?
> 
> On Sat, Jan 30, 2016 at 2:22 AM, Thomas Egerer <hakke_...@gmx.de> wrote:
> 
> Michael,
> 
> while unloading the dishwasher I gave your issue another thought ;)
> It seems I have somehow misread your problem. The peer you are trying
> to connect the load tester to, runs which VPN-service? If it is a
> strongwan instance, you should provide the version, log information
> of the IKE negotiation and an output of your config (stroke statusall).
> It seems odd, that the peer does not accept modp 1024 while it request
> this same modp group in the response.
> Does the peer a plugin loaded that provides modp 1024 (gcrypt, gmp,
> openssl)? You should see this in 'stroke listall'.
> 
> Cheers,
> Thomas
> 
> On 01/30/2016 12:20 AM, Michael Chan wrote:
>>>> I looked at the ike logs and I see the following message
>>>>
>>>> [ENC] parsed IKE_SA_INIT response 0 [ N(INVAL_KE) ]
>>>> [IKE] peer didn't accept DH group MODP_1024, it requested MODP_1024
>>>>
>>>> The packet capture shows the DH group is undefined. Is there a parameter
> to
>>>> set the DH group for the ike key exchange? I have the following parameter
>>>> in my load-tester.conf file.
>>>> proposal = aes-sha1-modp1024
>>>>
>>>>
>>>>
>>>>
>>>> On Fri, Jan 29, 2016 at 12:40 PM, Michael Chan <mcha...@gmail.com>
> wrote:
>>>>
>>>>> Hi,
>>>>>  I'm wanting to use the load-tester plugin to perform load testing
> on
>>>>> remote host, but the remote host keeps sending back INVALID_KE_PAYLOAD
>>>>> message back. When I do a packet capture I see that the DH group for key
>>>>> exchange payload is undefined. I tried setting in the load-tester.conf
> file
>>>>> esp and proposal to use modp1024, but it doesn't change the key exchange
>>>>> payload DH group at all. Is there a way to set the group in load-tester?
>>>>>
>>>>> Thanks,
>>>>> Michael
>>>>>
>>>>
>>>>
>>>>
>>>> ___
>>>> Users mailing list
>>>> Users@lists.strongswan.org
>>>> https://lists.strongswan.org/mailman/listinfo/users
>>>>
> 
>> ___
>> Users mailing list
>> Users@lists.strongswan.org
>> https://lists.strongswan.org/mailman/listinfo/users
>>
> 

-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJWrdqZAAoJEGK31ONirBTGOhAP/0rr7ZcgG4ljSwbRJUtGSQKv
BwSO069RVcxTKSdV8bwvwL5u7gA1Gkbld1TASArN9auVfMcvmjuW6zlt+QpK9FSV
o9qvJoPpJTeBTgbRlZmWEXTCr/flLl1Hd5eu4IZ+rG0MxM0GCtxXOBYWPlWNw3j7
4lB6mj/hpwnvIW0iu3OvrzuRbvarFf7lKAEDBdZ0AVoiCJFPwj6C/R04K4ouRsav
3ldWxh80fGH1WQHTHytEqlBSYBnj2cAcpgKtAiGqZQ7LzMzoCk05WQmJemW5DgEu
zhrsMIxXlHxf1VjLKJ9zRP6oJIk8ZvDMGg3n84OIpqhJK6gnG+7p4YJCCL4JGQF5
XyaDwy0DV6vfyiYP3rxCzqbeB7+e7kAKGeDUO+O+DyUTAK+K88SiAdTPL2cGc6sz
io4JH7jqwnG0gaqkDPpRHkZRa/OJxeu6/p8u5tyMwC0PO1FHEPlkgqCBikXuvAko
hA2XfvrmSnrPROViR2ujfSjlLqcJ0y0XrG4MrTFF1xFroXIhLsHsUDZ/vIM8lmT4
pA+DQmNqToQ2m7ashz3fYu6zyPS+PGT9AFiEyqUrNKZ++7lHGW/DvvMomyymHCzb
x2RoVDa/TMFiTInNfAqCQd0s6DDikfu/MUqGFfDi/4/lGQ9hkABd3bmYst8Wvms8
bJFLJQSzB3Z0zP+AwUYK
=48yJ
-END PGP SIGNATURE-
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] DH group for key exchange is undefined

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Michael,

let me google that for you [1]! First result (in my search) [2]:

Key  charon.plugins.load-tester.proposal
Default  aes128-sha1-modp768
Description   IKE proposal to use in load test.

Et viola, here you go!

Thomas

[1] https://encrypted.google.com/search?hl=en=strongswan%20load%20tester
[2] https://wiki.strongswan.org/projects/strongswan/wiki/LoadTests

On 01/30/2016 12:20 AM, Michael Chan wrote:
> I looked at the ike logs and I see the following message
> 
> [ENC] parsed IKE_SA_INIT response 0 [ N(INVAL_KE) ]
> [IKE] peer didn't accept DH group MODP_1024, it requested MODP_1024
> 
> The packet capture shows the DH group is undefined. Is there a parameter to
> set the DH group for the ike key exchange? I have the following parameter
> in my load-tester.conf file.
> proposal = aes-sha1-modp1024
> 
> 
> 
> 
> On Fri, Jan 29, 2016 at 12:40 PM, Michael Chan  wrote:
> 
>> Hi,
>>  I'm wanting to use the load-tester plugin to perform load testing on
>> remote host, but the remote host keeps sending back INVALID_KE_PAYLOAD
>> message back. When I do a packet capture I see that the DH group for key
>> exchange payload is undefined. I tried setting in the load-tester.conf file
>> esp and proposal to use modp1024, but it doesn't change the key exchange
>> payload DH group at all. Is there a way to set the group in load-tester?
>>
>> Thanks,
>> Michael
>>
> 
> 
> 
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 

-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJWrIJ/AAoJEGK31ONirBTGAdQP/0an6YBvRi7Byfb3kFwCIYDh
ZSeumBYoxXfq0+FraFGgqe2/VgNR95Hoz2jXPB/djgK49tUBqQe9BH8WTiPtWvUq
yr9YC3y8oLo0RuYCvtgedC3zNosn79IArbpCjtE7bGW1VimJ1X2Z/6invNyNBDF+
R8DN6qCiC+eqxBrd9rxoyDNkSncPcwvtriVeStt8IlHdYLbi9FaxN0YmI5NQvXlO
+/FFSL4BB8iaavZyvntG2+8zqkPwEXHKKHlkkRQHLqilPA/+jIys1CHbmP5cYMag
q0pl4HwojWHWCV1BNJyplXDhuNnxiOYQGGq/7yqZXTvW8gfUkynQQALrGws/+BRL
e+9Go79iRgwyqUqN4EicRuD6ci0H8zJ+2LghH167C0G9jZFrLlPh8ozMrzFxftZn
lxPA9NNFLBpDAphq5GLzIXDcylU1msKsbz6YPkKWU+tDJbfwKYmSRUpeYjbJKUfz
x8RJPI87FivaXKRG1cOmNhWOUhcpThcsV7OYIh5GHQ2MlL2dCGSRi1tknBjYKtZ3
cKNvDUKzYzzpn2KrahUjde89QTkVSRaLxxTlll76OUui4GDoiG4z/DGaF9Fihg7y
qUzvR4rl2LthtQ20RJyDLTQHMYVMWeLMXJERj2NMZbOP/KmALXw7Xa0swce3hS7C
WaQRdH7bHxeM2TMYpWG4
=hre/
-END PGP SIGNATURE-
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] DH group for key exchange is undefined

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Michael,

while unloading the dishwasher I gave your issue another thought ;)
It seems I have somehow misread your problem. The peer you are trying
to connect the load tester to, runs which VPN-service? If it is a
strongwan instance, you should provide the version, log information
of the IKE negotiation and an output of your config (stroke statusall).
It seems odd, that the peer does not accept modp 1024 while it request
this same modp group in the response.
Does the peer a plugin loaded that provides modp 1024 (gcrypt, gmp,
openssl)? You should see this in 'stroke listall'.

Cheers,
Thomas

On 01/30/2016 12:20 AM, Michael Chan wrote:
> I looked at the ike logs and I see the following message
> 
> [ENC] parsed IKE_SA_INIT response 0 [ N(INVAL_KE) ]
> [IKE] peer didn't accept DH group MODP_1024, it requested MODP_1024
> 
> The packet capture shows the DH group is undefined. Is there a parameter to
> set the DH group for the ike key exchange? I have the following parameter
> in my load-tester.conf file.
> proposal = aes-sha1-modp1024
> 
> 
> 
> 
> On Fri, Jan 29, 2016 at 12:40 PM, Michael Chan  wrote:
> 
>> Hi,
>>  I'm wanting to use the load-tester plugin to perform load testing on
>> remote host, but the remote host keeps sending back INVALID_KE_PAYLOAD
>> message back. When I do a packet capture I see that the DH group for key
>> exchange payload is undefined. I tried setting in the load-tester.conf file
>> esp and proposal to use modp1024, but it doesn't change the key exchange
>> payload DH group at all. Is there a way to set the group in load-tester?
>>
>> Thanks,
>> Michael
>>
> 
> 
> 
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 

-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJWrI7BAAoJEGK31ONirBTGozAP/2VUe4t/ZoCnSrxfMRzHat6X
IDmLzonBQVasovtUMVZn6grRy3IxhEQi6B7cnFwxeIkRG2Jh6gTSKGGwwho84mLP
MsnG3SrIuLwTCd/7unVxR6OFNsbKo07MhJFo/hVO4WlOKp0yKay+DuV8TBUVAAiq
FuZVTEgwJGTM83uOzOPC1b0Mfgr1T5prSFxSddq9GT3aEA5UR5pKK7655dRygrZQ
ppTQfBAWarFvj312PRUhgV6XnH/UFh+YBvXFWg5o0yGTX9kDWTy0vkX+rBPXA47h
GUI7xkG/Q98fKwWqPy//HdPjHFa7XSkbkOu9lkIfj7U6JzGKO7shwn6vvx/v5xFM
yhskEpValk+bLMbJOJxAi8v1qXooojnP3FdRKKXjc/8wLiDinrfBR56oukKC7sRX
Dk+L+nhUMmN644ymXRnFsQ5Jo9bjLK+CCGIQ3J1eDHmsyVOkvm7jG4uWbsx28LQz
V6/oPzXrY6XdcjLupkjwgkqJ4CpIERpzOlcU/G2+sAsbf0zJeIQ03ZKN0lzSuogF
7ppHM4wiwPAQu70M1xsbwOsu9r+N2NLf0atpleeKtVXCu6Mh8a9LC/Et1m4TF7Kq
6YkP2k5Soc9A0WnuFL72nbt616SorTUtm8mbVEQ1ocfToT/R9AHZZkvDYcmMezM3
2YZIxXVp0KRZGazBgqcS
=+tYA
-END PGP SIGNATURE-
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Is there any document on strongswan and pf_key usage ?

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Mahendra,

The link provided in [1] contains all information required to run stongswan
on FreeBSD from a user's perspective. 

On 01/29/2016 06:06 PM, Mahendra SP wrote:
> Hi Thomas
> 
> Thank you for the valuable inputs. I looked at the link and it is useful.
> 
> I am trying to understand the PF_KEY usage ( as I would like to use
> strongswan with FreeBSD ). Looking at the available documents, I am not
> finding one which has the latest info like all the PK key extensions and
> their usage for SPD and SAD update.
The link provided in [1] contains all information required to run stongswan
on FreeBSD from a user's perspective.

> I found the below link. Looks to be incomplete. Whats the best way to know
> PF key usage with IPsec and strongswan? Please provide any links.
> 
> http://www.kame.net/newsletter/20021210/
This link is 15 years old, I wouldn't expect any latest information here.
> 
> http://lxr.free-electrons.com/source/include/uapi/linux/pfkeyv2.h#L372
This link refers to a *LINUX* header file, not FreeBSD.
If you're looking for detailed information on FreeBSD, maybe you refer to
FreeBSD mailing lists.
Even though this is far beyond a user's scope, you may want to look at
[2] to get into the nuts and bolts of charon's pf_key communication.

Thomas

[2] 
https://github.com/strongswan/strongswan/tree/master/src/libhydra/plugins/kernel_pfkey

> Thanks
> Mahendra
> 
> On Tue, Jan 26, 2016 at 1:19 AM, Thomas Egerer <hakke_...@gmx.de> wrote:
> 
> Hi Mahendra,
> 
> On 01/25/2016 01:26 PM, Mahendra SP wrote:
>>>> Hi All,
>>>>
>>>> Could you please let me know if there is any document/links on usage of
>>>> pf_key in strongswan ? I am trying to use strongswan for FreeBSD and need
>>>> to understand pf_key usage.
> see [1].
>>>>
>>>> If I need to post this query to dev group, do let me know.
> No, that's not necessary!
> 
>>>> Thanks
>>>> Mahendra
>>>>
> 
> Cheers,
> Thomas
> 
> [1] https://wiki.strongswan.org/projects/1/wiki/FreeBSD
>> ___
>> Users mailing list
>> Users@lists.strongswan.org
>> https://lists.strongswan.org/mailman/listinfo/users
>>
> 
> 
> 
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 

-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJWq7Q0AAoJEGK31ONirBTGNqYP/10qXKEpm3pL1mvypndsc29W
+MGJRtJyP1Mp+86hnpqTPlpEJPeSnzIYBEsrNbvzpis8PlBy8qX42DPRQ3VpJxf7
JD1gKlV1+wgfNqMua/TBZMwNt79S6WmpH7xiaZ8dFA1lQPsZ4CTSXMHWkKo2qVNE
xY2AXWLM7EeIQZd3XCAdvNki1SFKusvcn9q/asiqR4ppY1ca2lpvwYgkqqG0gtyU
1zTIUvBVDs1lF13aPXO2q9bCNS7hGRsjV7B3HI/VroP90SlTdHaSU0ieGRLtd/Oc
Pe0+f4Df9YMzmGOI2amzElkFtAiUgpAerdkJ1H49Uzprzo7I7LDg26TTN5Ue1ODZ
tvcWK0Lmz9xwuwc3xiPmssjhSHYLT70dCSbnzSPwae0f7EnPFW+huZ/QqNaO2gNe
8f/idQV+5X4TnP5wcUUDqtMtmyA4swcsSO0NDhQGXb/20vYc+vwY2Vx+SOz7L2qz
yZMkp92b6abvsLFklV46LY4YqLkfEzE1tSb+MLpEdqs8ZZ/5DRaH/mOO5AZTHB8u
NtXSvtwv6fn2prgllq+Ee+fEqGWR05KesQIivauoK4eL4/uCLy+GRhgEUcChagX4
6YX5SzUZticSCvzv6mNhyXkf+ZvmFi/6HH/qOZzX7Txd/Cz3XesYAl8jL0hMcTKy
BfivtkfdSLA/+oQ4uvez
=jzhx
-END PGP SIGNATURE-
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] [KNL] received netlink error: No such file or directory (2) - unable to add SAD entry with SPI

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi Conrad,

I submitted a patch to the linux kernel [1] which fixes the dependency
problem. Starting with kernel 4.5 it CONFIG_ECHAINIV should automatically
be selected by INET_ESP/INET6_ESP.

Cheers,
Thomas

[1] 
https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=32b6170ca59ccf07d0e394561e54b2cd9726038c

On 01/03/2016 11:34 PM, ck+strongswanus...@bl4ckb0x.de wrote:
> Hi Thomas!
> Sorry for my delay.
> 
>> Thomas Egerer <hakke_...@gmx.de> hat am 29. Dezember 2015 um 21:57
>> geschrieben:
>>
>>
>> On 12/29/2015 04:11 PM, Conrad Kostecki wrote:
>>> Hi Thomas!
>>>
>>> Am 29.12.2015 um 00:12 schrieb Thomas Egerer:
>>>> btw, I forgot.
>>>> As root, try to run
>>>>
>>>> ip x s add \
>>>>
>>>>
>>>>  src ::0 \
>>>>  dst ::0 \
>>>>  proto esp spi 0xC0123456 mode tunnel \
>>>>  reqid 1 \
>>>>  enc 'aes'
>>>> 0x0102030405060708010203040506070801020304050607080102030405060708 \
>>>>  auth 'sha1' 0x0102030405060708090a0b0c0d0e0f0001020304
>>>>
>>>> and see if this succeeds.
>>>
>>> That one fails for me.
>>> -> RTNETLINK answers: No such file or directory
>> Gotcha! That's exactly what I was hoping for. It does not mean we've
>> solved the issue yet, but we can definitely rule out a problem with the
>> ike daemon at this point. It's most likeley your kernel configuration
>> which is missing an configuration option. Have you hand-rolled your
>> kernel or used the Gentoo-supplied version of the .config?
>> I have the feeling -- don't know why -- the IV-generator is missing.
> 
> Bingo! You are right. I seems, that I've overseen this somehow. After
> recompiling my kernel, the connection is now working.
> 
> Many Thanks!
> Conrad
> 
>> Can you post your kernel config? And the LKM-option I posted before,
>> might still give us a clue what's missing.
>>
>> Cheers,
>> Thomas
>>
>>>
>>>> If this works then apparently all of the modules are present.
>>> I've run the check.sh from [1] and don't see any missing modules.
>>> I don't understand, what could be missing?
>>> See my results: http://pastebin.com/CAamjE8k
>>>
>>> [1] https://wiki.strongswan.org/projects/strongswan/wiki/KernelModules
>>>
>>> Cheers
>>> Conrad
>>> ___
>>> Users mailing list
>>> Users@lists.strongswan.org
>>> https://lists.strongswan.org/mailman/listinfo/users
>>
>>
>> ___
>> Users mailing list
>> Users@lists.strongswan.org
>> https://lists.strongswan.org/mailman/listinfo/users
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 

-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJWq9dgAAoJEGK31ONirBTGV+EQALXjYyt6T5P1gQMNrokkxZ7N
mWkDQ7pV0cjF6wLowEHK3ThepD9KtvlJQPpQDoQ3NSBLzOS3d8E+KWxKjupXz7zj
kLhzYLjCh6sAxLduZI6n3UXRYwLSPpV6r2VjBRoGH1l84fRoSU4pp28dEsnEioZY
KoY7I2/Z6mVfiMEVLuXnl9oSrgcUTmTr7mbD2J870Lo1MBXcChsq3qwm+i1599xr
HlOeUzvSruyJMxCgNtjVZz46pPT6FMJcNvCRddBobH8L27aHZCbqeo7QiaLUHjk3
bAG4HiJs7vR4w+Wguyd2gKHaUM25yn4WxKz/k0moHZtrF5wE8bj3+2ary+hPGJFL
FBVyqfNMbzJ+bg74eeVTiDpolUzzkJW4OSapwn6BpfUXNg8QjuXYh+7SEBrlL475
3Fsw2cp0/00KT02YTuK7UcD9BR0SFtVxGR6Z3wA2B754uBfYxHu3B57twb774kcV
+KKCs8LJseiCsO3v3Sj7R1caSoK8WSma9bsldxtXfP2KnYu2hYWO+JjIKoL4NwjA
jnLDD3k61IycitSh0VDo/Hj81HKIk9KFGhgAinpKA8K6JSVh5OVrjUKJRg+0fe1Z
oS6kUsIQ/UxfGIxAqRiZAC9QJlNnwnJMxLiMBZCuQ3RLX2eao53ZUx4DqUVlb9zg
2BKAF50WPddfOplKwpi7
=cgs8
-END PGP SIGNATURE-
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Is there any document on strongswan and pf_key usage ?

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi Mahendra,

On 01/25/2016 01:26 PM, Mahendra SP wrote:
> Hi All,
> 
> Could you please let me know if there is any document/links on usage of
> pf_key in strongswan ? I am trying to use strongswan for FreeBSD and need
> to understand pf_key usage.
see [1].
> 
> If I need to post this query to dev group, do let me know.
No, that's not necessary!

> Thanks
> Mahendra
> 

Cheers,
Thomas

[1] https://wiki.strongswan.org/projects/1/wiki/FreeBSD
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJWpnxCAAoJEGK31ONirBTGWMIP/jn8WCeGHAYUZn+nR6r+2w5F
wu8TZOnAsgSVmY+OoD3dbbqy+R4O81T2HS1fC2oVo/hQsT27wuAgktnpMX7XuRgq
Psj3BC/w9nLDOwjqIxKnWefJ1zSzt0b4iYTaGuMHxK50Pu3oqkIS+xTQt5/t0Rid
aUTJJpdZm3RqWJFLbkmNv6Xk/Jc1q5uzsP1SH7DQxiolJT6Q6NmEubJifQAj43jQ
X71MWWLPK+E+253X90Tgzdr2a+tzXou054zy6wdYX1HlLg696IAMX8/YdXAnWQvq
kNwg4RB/bRSc8WU+0S55Sy4hqeXLzA2IOygGm3B8rx3VScOGD+t3sWABXcqCCs90
Bm+I9ZZ59xK3zR3LA7nJChsTO3sA8UZvgJi22iMfahz2m0Qn2q2KfGNQKMZzjVhU
UNiBAK/aPtpBbqQKXWi+bqA18rdvNxuYg2d30hmjo2AGWQXOM1We/cxdCzNpACk9
/C5PoVQ7XDg8kj/TBZzclLjtRMjzLEGbdbB6hfb0b79Ro8VBnq+zYSlCSnMB5Sel
axjm68G1oUIuBKI9OFRSYw7a8juEQvTXmc41jJT1BOpb9XQmI5Iois1yYxcY3z9I
SNg6cFMb3PGpW4/SJoizvHTuzMqDILrQDxnS44Fa1pGLLsXOYCtfhM/DGcMswoYc
iHZ6PdK9x3C8drYqbhK8
=rrSS
-END PGP SIGNATURE-
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Connecting a Zyxel client with PSK to strongswan

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

CJ,

neither of your connections has a reasonable 'right' parameter [1],
so charon has to guess which connection to select. Based on what
the log says, it choses CertBased over the one you want (testzyxel).
Try adding 'right=207.8.183.25' to conn testzyxel. This should
let charon select the proper IKE/Peer config.

Cheers,
Thomas

[1] https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection

On 01/22/2016 06:04 AM, CJ Fearnley wrote:
> Unfortunately, the Zyxel's cannot use a CA signed cert, so I'm forced to
> try to connect them with PSK despite our other ipsec clients using certs
> (Netgears).
> 
> I have this configuration (Debian Jessie, Linux strongSwan
> U5.2.1/K3.16.0-4-amd64):
> 
> config setup
> uniqueids=no
> 
> conn %default
> mobike=no
> keyexchange=ikev1
> left=216.130.102.66
> leftsubnet=192.168.101.0/24
> auto=add
> 
> conn CertBased
> leftid="C=US, ST=IL, L=Glenwood, O=[Private redacted], CN=[Private 
> redacted], E=[Private redacted]"
> leftcert=[Private redacted],crt
> leftsendcert=always
> ike=3des-sha1-modp1024!
> esp=3des-sha1-modp1024!


> conn Netgear
> rightsubnet=192.168.190.0/24
> right=%any
> also=CertBased
> 
> conn testzyxel
> rightsubnet=192.168.221.0/24
> leftsendcert=no
> authby=psk
> compress=no
> ikelifetime=8h
> lifetime=8h
> ike=aes256-sha256-modp1024!
> esp=aes256-sha256-modp1024!
> 
> The Netgear connections work. The testzyxel connections fail.
> 
> I've tried it with the ike= and esp= lines commented out too.
> 
> When I set ike logging to level 2: ipsec stroke loglevel ike 2, I see this in
> the logs:
> 
> Jan 21 23:04:25 cw1 charon: 10[IKE] 207.8.183.25 is initiating a Main Mode 
> IKE_SA
> Jan 21 23:04:25 cw1 charon: 10[IKE] IKE_SA (unnamed)[19] state change: 
> CREATED => CONNECTING
> Jan 21 23:04:25 cw1 charon: 10[CFG] received proposals: 
> IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024
> Jan 21 23:04:25 cw1 charon: 10[CFG] configured proposals: 
> IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
> Jan 21 23:04:25 cw1 charon: 10[IKE] no proposal found
> 
> I have tried every combination of encryption & integrity algorigthms
> that I could think of. It always claims to be configured for
> 3DES_CBC/HMAC_SHA1_96 instead of AES_CBC_256/HMAC_SHA2_256_128. Can this
> be fixed?
> 
> I consulted https://wiki.strongswan.org/projects/1/wiki/IKEv1CipherSuites
> and so I would think specifying aes256-sha256-modp1024 should work. Why isn't
> strongswan accepting it?
> 
> In /etc/strongswan.d/charon.conf, I added the line
> # Plugins to load in the IKE daemon charon.
> load = openssl aes sha1 sha2 hmac x509
> 
> I included the part of the configuration that uses certs to authenticate
> our Netgear clients. Could the ike= and esp= lines needed for the Netgears
> be blocking the testzyxel stanza from using aes256-sha256?
> 
> Here is the output of "ipsec listalgs":
> 
> List of registered IKE algorithms:
> 
> sudo ipsec listalgs
> 
> List of registered IKE algorithms:
> 
>   encryption: AES_CBC[af-alg] DES_CBC[af-alg] DES_ECB[af-alg] 
> 3DES_CBC[af-alg] AES_CTR[af-alg] CAMELLIA_CBC[af-alg]
>   CAMELLIA_CTR[af-alg] CAST_CBC[af-alg] BLOWFISH_CBC[af-alg] 
> SERPENT_CBC[af-alg] TWOFISH_CBC[af-alg]
>   NULL[openssl] RC2_CBC[rc2]
>   integrity:  HMAC_SHA1_96[af-alg] HMAC_SHA1_128[af-alg] 
> HMAC_SHA1_160[af-alg] HMAC_SHA2_256_96[af-alg]
>   HMAC_SHA2_256_128[af-alg] HMAC_MD5_96[af-alg] 
> HMAC_MD5_128[af-alg] HMAC_SHA2_256_256[af-alg]
>   HMAC_SHA2_384_192[af-alg] HMAC_SHA2_384_384[af-alg] 
> HMAC_SHA2_512_256[af-alg] HMAC_SHA2_512_512[af-alg]
>   AES_XCBC_96[af-alg] CAMELLIA_XCBC_96[af-alg] AES_CMAC_96[cmac]
>   aead:   AES_CCM_8[ccm] AES_CCM_12[ccm] AES_CCM_16[ccm] 
> CAMELLIA_CCM_8[ccm] CAMELLIA_CCM_12[ccm]
>   CAMELLIA_CCM_16[ccm] AES_GCM_8[gcm] AES_GCM_12[gcm] 
> AES_GCM_16[gcm]
>   hasher: HASH_SHA1[af-alg] HASH_MD4[af-alg] HASH_MD5[af-alg] 
> HASH_SHA224[af-alg] HASH_SHA256[af-alg]
>   HASH_SHA384[af-alg] HASH_SHA512[af-alg]
>   prf:PRF_HMAC_SHA1[af-alg] PRF_HMAC_SHA2_256[af-alg] 
> PRF_HMAC_MD5[af-alg] PRF_HMAC_SHA2_384[af-alg]
>   PRF_HMAC_SHA2_512[af-alg] PRF_AES128_XCBC[af-alg] 
> PRF_CAMELLIA128_XCBC[af-alg] PRF_AES128_CMAC[cmac]
>   PRF_KEYED_SHA1[openssl] PRF_FIPS_SHA1_160[fips-prf]
>   dh-group:   MODP_2048[gcrypt] MODP_2048_224[gcrypt] MODP_2048_256[gcrypt] 
> MODP_1536[gcrypt] MODP_3072[gcrypt]
>   MODP_4096[gcrypt] MODP_6144[gcrypt] MODP_8192[gcrypt] 
> MODP_1024[gcrypt] MODP_1024_160[gcrypt]
>   MODP_768[gcrypt] MODP_CUSTOM[gcrypt] ECP_256[openssl] 
> ECP_384[openssl] ECP_521[openssl] ECP_224[openssl]
>   ECP_192[openssl] ECP_224_BP[openssl] ECP_256_BP[openssl] 
> ECP_384_BP[openssl] ECP_512_BP[openssl]
>   random-gen: RNG_WEAK[gcrypt] 

Re: [strongSwan] tunnel traffic exemption w/ strongswan

[Thomas Egerer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On January 11, 2016 3:47:36 PM GMT+01:00, John Mah  wrote:
>Is there an easy way to configure strongswan to not route traffic to a
>single address over an IPSec connection? (ie: alter the gateway's
>leftsubnet attribute) This would be similar to the traffic selector,
>but... not quite. More like an anti-traffic selector.
>
>We have in our configurations:
>
>conn iphone-ios8
>   [...]
>   leftsubnet=0.0.0.0/0
>   leftfirewall=no
>   leftcert=ios8.pem
>   right=%any
>   rightsubnet=10.251.0.0/16
>   rightsourceip=10.251.0.0/16
>   [...]
>
>If so, is there a way to do with IKEv1 connections as well?
>
>thanks,
>- John
>___
>Users mailing list
>Users@lists.strongswan.org
>https://lists.strongswan.org/mailman/listinfo/users

Try a type = passthrough connection for the particular IP [1]

[1] https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection
- --
Sent from a mobile device. Please excuse my brevity.
-BEGIN PGP SIGNATURE-
Version: APG v1.1.1

iQI+BAEBCgAoBQJWlWmGIRxUaG9tYXMgRWdlcmVyIDxoYWtrZV8wMDdAZ214LmRl
PgAKCRBit9TjYqwUxrulD/47wYwTg+Cczmtc2uYcpGwYzc/eciLzCaPq3XV13c3Z
BCTku3W4uCnSPr6bUP0/WeTopfK9/jSrBwF9T7nZLBeaJOAQk8mztaI4xXjAWzGR
ENfSI/p/5NMasw4bV5bZ+5CijSW5Wjia9OE7Wq5oDhGC96mnQl5QDB7ENsWlhCTD
uJKtuMrTvHb4KOJTEKLGwLBuvaOlOJYWl/RayDCi7yMD5T5N/C71KTrQ17hCrQJs
vwuJrrFoYj7+1qJsZjB8O08gCusOqBy4SC/ovQWKtrARPls8oZH7bZ/NT6cSFUfN
vUuK7O1XIIWIU3rWPa/OoEIaqQ5d/9oHuRzYgbnOaSeG3zuTQtS8/pVaG/uhbpWK
CEuWb4j8YqNNAC8HpBl9P93t+4hiQwFFjyoK54oZxlzRLLrLwL+hjfcXQQSPi9O7
AgPwrItnCJu08nvG6wlAOz0MB1+/+R6s5EUCGlTr8rXGYxw37hY4/Xkp9BBkMw6L
XFzwfRJ8a7SfSst82CiNNEUf9gN/voIl32tTTxeaikD5oSimf4TF78musm/S865/
cF1QGmOCry54oqjI+q/9y1Se9xpGUmV4jW03jQDb1FYXPYfa87DXCM0wutWkmyzG
GHLxFG5zzDkTG4YO/HQIJySpazXkiU58jw61Oqs1DaO8YmKZVnBU+B3/uUGpZ21s
Og==
=1p0U
-END PGP SIGNATURE-

___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Planning an upgrade of strongswan from 4.4.1 to 5.2.1

[Thomas Egerer]

On 01/09/2016 02:52 PM, CJ Fearnley wrote:
> I cleared the 3DEC_CBC hurdle by installing libstrongswan-standard-plugins
> 
> Now three clients have connected. Whoo hoo!
> 
> However, I'm getting this behavior with one of the other clients:
> 
> Jan  9 08:45:57 cw1 ipsec[19931]: 05[NET] received packet: from 
> 67.151.41.186[500] to 216.130.102.66 [500] (292 bytes)
> Jan  9 08:45:57 cw1 ipsec[19931]: 05[IKE] received retransmit of request with 
> ID 3004727439, but no response to retransmit
> 
> What does that mean?
It means 67.151.41.186 can reach 216.130.102.66 but apparently not the
other way around. Does not look like a NATted connection to me, unless
your NAT router does not (need to) changed the port (500).
Unfortunately you stripped the information of what the retransmitted
packet originally contained, also having a look on the log of the peer
(67.151.41.186) probably wouldn't hurt.

Cheers,
Thomas
> 
> On Sat, Jan 09, 2016 at 08:58:42PM +0800, Rayson Zhu wrote:
>> Both peers should use identical cipher algorithms.
>> The former message you got shows that your local peer uses
>> aes128-sha256-modp2048 but the remote peer is configured to use
>> 3des-sha1-modp1024.
>> The latter one shows your local peer doesn't support for 3des, maybe caused
>> by lack of some libraries. By the way, 3des is an outdated encryption
>> algorithm.
>>
>>
>>
>> On Sat, Jan 9, 2016 at 8:32 PM, CJ Fearnley  wrote:
>>
>>> I added those two lines to the conn %default section. Then I ran "ipsec
>>> restart". There failure messages have changed slightly:
>>>
>>> Jan  9 07:23:18 cw1 ipsec[19452]: 12[IKE] 67.151.55.146 is initiating a
>>> Main Mode IKE_SA
>>> Jan  9 07:23:18 cw1 ipsec[19452]: 12[CFG] received proposals:
>>> IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA
>>> 1/MODP_1024
>>> Jan  9 07:23:18 cw1 ipsec[19452]: 12[CFG] configured proposals:
>>> IKE:AES_CBC_128/HMAC_SHA2_256_128/PR
>>> F_HMAC_SHA2_256/MODP_2048
>>> Jan  9 07:23:18 cw1 ipsec[19452]: 12[IKE] no proposal found
>>> Jan  9 07:23:18 cw1 ipsec[19452]: 12[ENC] generating INFORMATIONAL_V1
>>> request 1836105202 [ N(NO_PROP
>>> ) ]
>>>
>>> So I tried
>>> ike = 3des-sha1-modp1024!
>>> esp = 3des-sha1-modp1024!
>>>
>>> But now I run into this:
>>>
>>> Jan  9 07:29:28 cw1 ipsec[19697]: 13[IKE] 67.151.55.146 is initiating a
>>> Main Mode IKE_SA
>>> Jan  9 07:29:29 cw1 charon: 15[NET] received packet: from
>>> 67.151.55.146[500] to 216.130.102.66[500] (200 bytes)
>>> Jan  9 07:29:29 cw1 charon: 15[ENC] parsed ID_PROT request 0 [ KE No V ]
>>> Jan  9 07:29:29 cw1 charon: 15[ENC] received unknown vendor ID:
>>> 70:03:cb:c1:09:7d:be:9c:26:00:ba:69:83:bc:8b:35
>>> Jan  9 07:29:29 cw1 charon: 15[IKE] sending cert request for "C=US,
>>> [redacted ...]"
>>> Jan  9 07:29:29 cw1 charon: 15[IKE] ENCRYPTION_ALGORITHM 3DES_CBC (key
>>> size 0) not supported!
>>> Jan  9 07:29:29 cw1 charon: 15[IKE] key derivation for RSA signature failed
>>> Jan  9 07:29:29 cw1 charon: 15[ENC] generating INFORMATIONAL_V1 request
>>> 1044526370 [ HASH N(INVAL_KE) ]
>>>
>>> And I'm stuck again.
>>>
>>> On Sat, Jan 09, 2016 at 02:15:51PM +0800, Rayson Zhu wrote:
 Hi, try specifying IKE & ESP cipher suits explicitly for all peers. For
 example
 ike = aes128-sha256-modp2048!
 esp = aes128-sha256-modp2048!

 On Sat, Jan 9, 2016 at 2:04 PM, CJ Fearnley  wrote:

> Well, my upgrade from strongswan 4.4.1-5.7 to 5.2.1-6+deb8u1 (Debian
> Squeeze to Jessie on new hardware) is not going well. No connections
> have re-established.
>
> I'm using the same ipsec.conf that worked on 4.4.1-5.7. See the
>>> referenced
> e-mail from Dec 9th when I asked about the upgrade process.
>
> Each client is generating this pattern in the logs over and over:
>
> Jan  9 01:01:07 cw1 charon: 06[IKE] 67.151.55.146 is initiating a Main
> Mode IKE_SA
> Jan  9 01:01:07 cw1 charon: 06[CFG] received proposals:
> IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
> Jan  9 01:01:07 cw1 charon: 06[CFG] configured proposals:
> IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048,
> IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536,
>
>>> IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/HMAC_SHA1_96/HMAC_MD5_96/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/AES_XCBC_96/PRF_HMAC_SHA1/PRF_HMAC_MD5/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_3072/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160
> Jan  9 01:01:07 cw1 charon: 06[IKE] no proposal found
> Jan  9 01:01:07 cw1 charon: 06[ENC] generating INFORMATIONAL_V1 request
> 3117715548 [ N(NO_PROP) ]
>
> I have double checked that I copied from backups the contents of
> /etc/ipsec.d/cacerts
> /etc/ipsec.d/certs
> /etc/ipsec.d/private
>
> Do I need to add some encryption plugins? Or can I simply specify using
> the ike= configuration option for 

Re: [strongSwan] [KNL] received netlink error: No such file or directory (2) - unable to add SAD entry with SPI

[Thomas Egerer]

On 12/29/2015 04:11 PM, Conrad Kostecki wrote:
> Hi Thomas!
> 
> Am 29.12.2015 um 00:12 schrieb Thomas Egerer:
>> btw, I forgot.
>> As root, try to run
>>
>> ip x s add \
>>
>>
>>  src ::0 \
>>  dst ::0 \
>>  proto esp spi 0xC0123456 mode tunnel \
>>  reqid 1 \
>>  enc 'aes'
>> 0x0102030405060708010203040506070801020304050607080102030405060708 \
>>  auth 'sha1' 0x0102030405060708090a0b0c0d0e0f0001020304
>>
>> and see if this succeeds.
> 
> That one fails for me.
> -> RTNETLINK answers: No such file or directory
Gotcha! That's exactly what I was hoping for. It does not mean we've
solved the issue yet, but we can definitely rule out a problem with the
ike daemon at this point. It's most likeley your kernel configuration
which is missing an configuration option. Have you hand-rolled your
kernel or used the Gentoo-supplied version of the .config?
I have the feeling -- don't know why -- the IV-generator is missing.
Can you post your kernel config? And the LKM-option I posted before,
might still give us a clue what's missing.

Cheers,
Thomas

> 
>> If this works then apparently all of the modules are present.
> I've run the check.sh from [1] and don't see any missing modules.
> I don't understand, what could be missing?
> See my results: http://pastebin.com/CAamjE8k
> 
> [1] https://wiki.strongswan.org/projects/strongswan/wiki/KernelModules
> 
> Cheers
> Conrad
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users




signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] [KNL] received netlink error: No such file or directory (2) - unable to add SAD entry with SPI

[Thomas Egerer]

Hi Conrad,

On 12/28/2015 12:33 AM, Conrad Kostecki wrote:> Hi Thomas!
> Here is my output: http://pastebin.com/46dgkmKc
Looks good to me. Even also more thorough analysis of the netlink
message show that it's fine.
The fact that aes and sha1 are available, the message is OK and
that the kernel apparently returns ENOENT if the loading of a
particular module fails, leads me to believe that the modules
from [1] are missing, particularely the . Or is there any chance the
kernel you emerged, has some Gentoo-only patches?
You can modify the kernel module loader as described in [2], to log
attempts of module loading prior to the actual loading is done. This
along with a list of loaded modules before and after the tunnel
initiation should get is (hopefully) further.

Cheers,
Thomas

[1] https://wiki.strongswan.org/projects/strongswan/wiki/KernelModules
[2] http://tldp.org/HOWTO/Module-HOWTO/x197.html#AUTOLOAD

>
> Cheers
> Conrad
>
> Am 27.12.2015 um 22:58 schrieb Thomas Egerer:
>> Conrad, I only had a quick look at the log. Nothing suspicous so far.
>> However, I need the output of your /proc/crypto file to know what
>> crypto algorithms are supported by your kernel.
>>
>> Cheers,
>> Thomas
>>
>> On 12/27/2015 09:07 PM, Conrad Kostecki wrote:
>>> Hi Thomas!
>>>
>>> Am 27.12.2015 um 20:19 schrieb Thomas Egerer:
>>>> Hello Conrad
>>>>
>>>> On 12/26/2015 01:55 PM, ck+strongswanus...@bl4ckb0x.de wrote:
>>>>> Hello!
>>>>> I am trying to setup StrongSwan on a new Gentoo server.
>>>>> My Lumia 950XL (Windows Phone 10) is the connecting device.
>>>>>
>>>>> The connection fails, because I am getting "Invalid payload
>>>>> received" on
>>>>> the client side.
>>>>>
>>>>> Debug Log: http://pastebin.com/huTE2PxY
>>>>> Config: http://pastebin.com/9q84N6ii
>>>> I suspect that one of the negotiated crypto algorithms for ESP is not
>>>> available in the kernel. According to your config this should be AES256
>>>> along with SHA1. It could however not hurt to turn up logging for cfg
>>>> faciliy to 2 in your ipsec.conf. Loglevel 3 or 4 for knl would give us
>>>> the exact netlink message which in this case would be much better.
>>>> Modify the appropriate ipsec.conf line as follows:
>>>> charondebug="cfg 2, dmn 2, ike 2, net 2, lib 3, knl 4"
>>>> and run your test again. Then we can analyze the logs and see if this
>>>> gets us any further.
>>>
>>> Thanks for the suggestion. I've modified it and created a new log file:
>>> http://pastebin.com/yJDiKfeg
>>>
>>> AES256 and SHA1 are build in in my kernel, if I am not searching for the
>>> wrong options..
>>>
>>> CONFIG_CRYPTO_SHA1=y
>>> CONFIG_CRYPTO_SHA1_SSSE3=y
>>> CONFIG_CRYPTO_SHA256_SSSE3=y
>>> CONFIG_CRYPTO_SHA512_SSSE3=y
>>> CONFIG_CRYPTO_SHA1_MB=y
>>> CONFIG_CRYPTO_SHA256=y
>>> CONFIG_CRYPTO_SHA512=y
>>>
>>> CONFIG_CRYPTO_AES=y
>>> CONFIG_CRYPTO_AES_X86_64=y
>>> CONFIG_CRYPTO_AES_NI_INTEL=y
>>>
>>> CONFIG_CRYPTO_HMAC=y
>>>
>>> CONFIG_CRYPTO_CBC=y
>>>
>>> Cheers
>>> Conrad
>>>
>>>
>>>
>>> ___
>>> Users mailing list
>>> Users@lists.strongswan.org
>>> https://lists.strongswan.org/mailman/listinfo/users
>>>
>>
>>
>>
>>
>> ___
>> Users mailing list
>> Users@lists.strongswan.org
>> https://lists.strongswan.org/mailman/listinfo/users
>>
>
>
>
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
>




signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] [KNL] received netlink error: No such file or directory (2) - unable to add SAD entry with SPI

[Thomas Egerer]

btw, I forgot.
As root, try to run

ip x s add \


src ::0 \
dst ::0 \
proto esp spi 0xC0123456 mode tunnel \
reqid 1 \
enc 'aes'
0x0102030405060708010203040506070801020304050607080102030405060708 \
auth 'sha1' 0x0102030405060708090a0b0c0d0e0f0001020304

and see if this succeeds. If so, you will have to issue a

ip x s delete  src ::0 dst ::0 proto esp spi 0xC0123456

to get rid of the state.
If this works then apparently all of the modules are present.

Cheers,
Thomas


On 12/28/2015 12:33 AM, Conrad Kostecki wrote:
> Hi Thomas!
> Here is my output: http://pastebin.com/46dgkmKc
> 
> Cheers
> Conrad
> 
> Am 27.12.2015 um 22:58 schrieb Thomas Egerer:
>> Conrad, I only had a quick look at the log. Nothing suspicous so far.
>> However, I need the output of your /proc/crypto file to know what
>> crypto algorithms are supported by your kernel.
>>
>> Cheers,
>> Thomas
>>
>> On 12/27/2015 09:07 PM, Conrad Kostecki wrote:
>>> Hi Thomas!
>>>
>>> Am 27.12.2015 um 20:19 schrieb Thomas Egerer:
>>>> Hello Conrad
>>>>
>>>> On 12/26/2015 01:55 PM, ck+strongswanus...@bl4ckb0x.de wrote:
>>>>> Hello!
>>>>> I am trying to setup StrongSwan on a new Gentoo server.
>>>>> My Lumia 950XL (Windows Phone 10) is the connecting device.
>>>>>
>>>>> The connection fails, because I am getting "Invalid payload
>>>>> received" on
>>>>> the client side.
>>>>>
>>>>> Debug Log: http://pastebin.com/huTE2PxY
>>>>> Config: http://pastebin.com/9q84N6ii
>>>> I suspect that one of the negotiated crypto algorithms for ESP is not
>>>> available in the kernel. According to your config this should be AES256
>>>> along with SHA1. It could however not hurt to turn up logging for cfg
>>>> faciliy to 2 in your ipsec.conf. Loglevel 3 or 4 for knl would give us
>>>> the exact netlink message which in this case would be much better.
>>>> Modify the appropriate ipsec.conf line as follows:
>>>> charondebug="cfg 2, dmn 2, ike 2, net 2, lib 3, knl 4"
>>>> and run your test again. Then we can analyze the logs and see if this
>>>> gets us any further.
>>>
>>> Thanks for the suggestion. I've modified it and created a new log file:
>>> http://pastebin.com/yJDiKfeg
>>>
>>> AES256 and SHA1 are build in in my kernel, if I am not searching for the
>>> wrong options..
>>>
>>> CONFIG_CRYPTO_SHA1=y
>>> CONFIG_CRYPTO_SHA1_SSSE3=y
>>> CONFIG_CRYPTO_SHA256_SSSE3=y
>>> CONFIG_CRYPTO_SHA512_SSSE3=y
>>> CONFIG_CRYPTO_SHA1_MB=y
>>> CONFIG_CRYPTO_SHA256=y
>>> CONFIG_CRYPTO_SHA512=y
>>>
>>> CONFIG_CRYPTO_AES=y
>>> CONFIG_CRYPTO_AES_X86_64=y
>>> CONFIG_CRYPTO_AES_NI_INTEL=y
>>>
>>> CONFIG_CRYPTO_HMAC=y
>>>
>>> CONFIG_CRYPTO_CBC=y
>>>
>>> Cheers
>>> Conrad
>>>
>>>
>>>
>>> ___
>>> Users mailing list
>>> Users@lists.strongswan.org
>>> https://lists.strongswan.org/mailman/listinfo/users
>>>
>>
>>
>>
>>
>> ___
>> Users mailing list
>> Users@lists.strongswan.org
>> https://lists.strongswan.org/mailman/listinfo/users
>>
> 
> 
> 
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 




signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] [KNL] received netlink error: No such file or directory (2) - unable to add SAD entry with SPI

[Thomas Egerer]

Hello Conrad

On 12/26/2015 01:55 PM, ck+strongswanus...@bl4ckb0x.de wrote:
> Hello!
> I am trying to setup StrongSwan on a new Gentoo server.
> My Lumia 950XL (Windows Phone 10) is the connecting device.
> 
> The connection fails, because I am getting "Invalid payload received" on
> the client side.
> 
> Debug Log: http://pastebin.com/huTE2PxY
> Config: http://pastebin.com/9q84N6ii
I suspect that one of the negotiated crypto algorithms for ESP is not
available in the kernel. According to your config this should be AES256
along with SHA1. It could however not hurt to turn up logging for cfg
faciliy to 2 in your ipsec.conf. Loglevel 3 or 4 for knl would give us
the exact netlink message which in this case would be much better.
Modify the appropriate ipsec.conf line as follows:
  charondebug="cfg 2, dmn 2, ike 2, net 2, lib 3, knl 4"
and run your test again. Then we can analyze the logs and see if this
gets us any further.

Cheers,
Thomas



signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] [KNL] received netlink error: No such file or directory (2) - unable to add SAD entry with SPI

[Thomas Egerer]

Conrad, I only had a quick look at the log. Nothing suspicous so far.
However, I need the output of your /proc/crypto file to know what
crypto algorithms are supported by your kernel.

Cheers,
Thomas

On 12/27/2015 09:07 PM, Conrad Kostecki wrote:
> Hi Thomas!
> 
> Am 27.12.2015 um 20:19 schrieb Thomas Egerer:
>> Hello Conrad
>>
>> On 12/26/2015 01:55 PM, ck+strongswanus...@bl4ckb0x.de wrote:
>>> Hello!
>>> I am trying to setup StrongSwan on a new Gentoo server.
>>> My Lumia 950XL (Windows Phone 10) is the connecting device.
>>>
>>> The connection fails, because I am getting "Invalid payload received" on
>>> the client side.
>>>
>>> Debug Log: http://pastebin.com/huTE2PxY
>>> Config: http://pastebin.com/9q84N6ii
>> I suspect that one of the negotiated crypto algorithms for ESP is not
>> available in the kernel. According to your config this should be AES256
>> along with SHA1. It could however not hurt to turn up logging for cfg
>> faciliy to 2 in your ipsec.conf. Loglevel 3 or 4 for knl would give us
>> the exact netlink message which in this case would be much better.
>> Modify the appropriate ipsec.conf line as follows:
>>charondebug="cfg 2, dmn 2, ike 2, net 2, lib 3, knl 4"
>> and run your test again. Then we can analyze the logs and see if this
>> gets us any further.
> 
> Thanks for the suggestion. I've modified it and created a new log file:
> http://pastebin.com/yJDiKfeg
> 
> AES256 and SHA1 are build in in my kernel, if I am not searching for the
> wrong options..
> 
> CONFIG_CRYPTO_SHA1=y
> CONFIG_CRYPTO_SHA1_SSSE3=y
> CONFIG_CRYPTO_SHA256_SSSE3=y
> CONFIG_CRYPTO_SHA512_SSSE3=y
> CONFIG_CRYPTO_SHA1_MB=y
> CONFIG_CRYPTO_SHA256=y
> CONFIG_CRYPTO_SHA512=y
> 
> CONFIG_CRYPTO_AES=y
> CONFIG_CRYPTO_AES_X86_64=y
> CONFIG_CRYPTO_AES_NI_INTEL=y
> 
> CONFIG_CRYPTO_HMAC=y
> 
> CONFIG_CRYPTO_CBC=y
> 
> Cheers
> Conrad
> 
> 
> 
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 




signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Question regarding smartcard configuration

[Thomas Egerer]

On 12/23/2015 11:58 PM, Thomas Egerer wrote:
> [...]
>> Do have an idea which feature is meant or what/where to check ?
> One of the critical plugin features failed to load. It's amazing
> since none of your plugins is marked as critical (has a leading
> !-sign). I doubt, it's the untrusted certificate. Try setting the
> loglevel for facility cfg to 3 (see [1] for further info, essentially
> the line looks like 'cfg = 3'). This should reveal the problem.
> Hope that helps.
I should have mentioned that I'm referring to the strongswan.conf.

>> [...]
> 
Cheers²,
Thomas
> 
> [1] https://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration
> 
> 
> 
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 




signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Question regarding smartcard configuration

[Thomas Egerer]

Hi Marian

On 12/23/2015 11:02 PM, Marian Thieme wrote:
> Hi Tobias
Hope you don't mind me answering :)
> 
> thank you a lot for the assistance ! ... so far =)
> 
> I could partially solve the pkcs11 engine plugin load issue. For some
> reason it only works if I specify plugins statically. Any idea why this
> is the case ? As an attempt I currently load the following modules:
> 
> charon {
> load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl
> revocation hmac xcbc stroke kernel-netlink socket-default openssl pkcs11
> ...
> }
> 
> Now, unfortunately, the charon aborts after reading the certificates
> from the card. The last logs are:
> 
> Dec 23 22:38:39 00[CFG] loaded untrusted cert 'Marian Thieme ENC 11'
> Dec 23 22:38:39 00[LIB] failed to load 1 critical plugin feature
> Dec 23 22:38:39 00[DMN] initialization failed - aborting charon
> 
> Do have an idea which feature is meant or what/where to check ?
One of the critical plugin features failed to load. It's amazing
since none of your plugins is marked as critical (has a leading
!-sign). I doubt, it's the untrusted certificate. Try setting the
loglevel for facility cfg to 3 (see [1] for further info, essentially
the line looks like 'cfg = 3'). This should reveal the problem.
Hope that helps.
> [...]

Cheers,
Thomas

[1] https://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration



signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Traffic Pauses to IKEv1 VPN with Juniper ISG 1000

[Thomas Egerer]

On 12/13/2015 09:50 PM, Mahesh Neelakanta wrote:
> Thanks Thomas. I was able to run the "ip" command but it does look like (as
> you mentioned) that CONFIG_XFRM_STATISTICS is disabled (this is the amazon
> ubuntu 12.04 AMI). I'll try a newer release of amazon's own linux to see if
> it has it installed before trying a kernel recompile.
The kernel option is marked experimental. I doubt, any distro will have
enabled it.
> Right now the ip
> command shows no errors (but i've restarted vpn) so i'll await it to hang
> again.
> 
> ip -s x s s spi 0xc6ff382c
> 
> proto esp spi 0xc6ff382c(3338614828) reqid 2(0x0002) mode tunnel
> replay-window 32 seq 0x flag af-unspec (0x0010)
> auth-trunc hmac(sha1) 0xc609a31c3e5b7d6fa5267737c759fed017d2d6ea
> (160 bits) 96
> enc cbc(aes) 0x4fba8977e230c1155780f03a19b90111 (128 bits)
Mahesh you posted your keys! That's awful! It enables anyone who
recorded your traffic to easily decrypt it. Reestablish the SA *as*
*soon* *as* *possible*!
> lifetime config:
>   limit: soft (INF)(bytes), hard (INF)(bytes)
>   limit: soft (INF)(packets), hard (INF)(packets)
>   expire add: soft 3600(sec), hard 3600(sec)
>   expire use: soft 0(sec), hard 0(sec)
> lifetime current:
>   183887577(bytes), 191174(packets)
>   add 2015-12-13 20:39:21 use 2015-12-13 20:39:21
> *stats:*
> *  replay-window 0 replay 0 failed 0*
Stats look fine. You should however check the settings when the error
you mentioned occurs!

Cheers,

Thomas
> 
> On Sun, Dec 13, 2015 at 3:23 PM, Thomas Egerer <hakke_...@gmx.de> wrote:
> 
>> Mahesh,
>>
>> run 'ip -s x s s spi <your_broken_inbound_spi' (as root) on your
>> Linux-Box and check if your error statistics increase for the particular :
>> 
>> stats:
>>   replay-window 0 replay 0 failed 0
>> 
>> Also: 'grep -vw 0 /proc/net/xfrm_stat' and check for increasing
>> counters. You will probably have to rebuild your Linux-kernel for this,
>> unless it has the CONFIG_XFRM_STATISTICS option enabled. If the file
>> does exist you're lucky, if not -- like on current Debian systems -- you
>> will have to recompile.
>> The rationale behind this is that your inbound traffic gets dropped
>> during inbound transformation. Reasons for this may vary: failed
>> integrity checks, replay problems, failed inbound policy check etc.
>>
>> Cheers,
>> Thomas
>>
>>
>> On 12/13/2015 05:06 PM, Mahesh Neelakanta wrote:
>>> Hi,
>>>  I  have a Strongswan VPN server that is being used to terminate VPN
>>> connections with multiple endpoints. Most of the existing endpoints are
>>> cisco, sophos, etc. Recently I have a Juniper ISG 1000 endpoint that is
>>> posing some intermittent traffic problems.
>>>
>>> The exact issue is that traffic over the VPN pauses after some (random)
>>> time. The tunnel itself is up and at the next rekey traffic starts
>> flowing
>>> again. If I reduce the re-key time from 3600s down to 600s, the problem
>> is
>>> reduced significantly. I did verify with the remote side that their
>> keylife
>>> is 3600s. We do not have DPD enabled. There is constant traffic so there
>>> are no periods of inactivity.
>>>
>>> During the periods where traffic pauses, ipsec statusall report shows no
>>> more packets in bytes_i (whereas bytes_o is still increasing).
>>>
>>> Here is the config on our end (IPs and subnets have been changed for
>>> security):
>>>
>>> config setup
>>>uniqueids = no
>>>charondebug = ike 2
>>>
>>> conn %default
>>>keyingtries=%forever
>>>dpdaction=none
>>>
>>> conn vpn-juniper-prd
>>> left=%defaultroute
>>> leftid=42.75.5.14 # Our actual local IP is  10.20.1.18, we are
>>> NATed going out
>>> leftsubnet=5.22.11.21/32
>>> right=168.42.68.5
>>> rightid=168.42.68.5
>>> rightsubnet=12.23.0.0/16
>>> keyexchange=ikev1
>>> ikelifetime=28800s
>>> ike=aes128-sha1-modp1024
>>> esp=aes128-sha1-modp1024
>>> keylife=3600m
>>> type=tunnel
>>> compress=no
>>> authby=secret
>>> auto=start
>>>
>>> Notice that the last "bytes_i" shows 145s ago (ipsec statusall output):
>>>
>>> vpn-juniper-prd:  %any...168.42.68.5  IKEv1
>>> v

Re: [strongSwan] Traffic Pauses to IKEv1 VPN with Juniper ISG 1000

[Thomas Egerer]

Mahesh,

run 'ip -s x s s spi  Hi,
>  I  have a Strongswan VPN server that is being used to terminate VPN
> connections with multiple endpoints. Most of the existing endpoints are
> cisco, sophos, etc. Recently I have a Juniper ISG 1000 endpoint that is
> posing some intermittent traffic problems.
> 
> The exact issue is that traffic over the VPN pauses after some (random)
> time. The tunnel itself is up and at the next rekey traffic starts flowing
> again. If I reduce the re-key time from 3600s down to 600s, the problem is
> reduced significantly. I did verify with the remote side that their keylife
> is 3600s. We do not have DPD enabled. There is constant traffic so there
> are no periods of inactivity.
> 
> During the periods where traffic pauses, ipsec statusall report shows no
> more packets in bytes_i (whereas bytes_o is still increasing).
> 
> Here is the config on our end (IPs and subnets have been changed for
> security):
> 
> config setup
>uniqueids = no
>charondebug = ike 2
> 
> conn %default
>keyingtries=%forever
>dpdaction=none
> 
> conn vpn-juniper-prd
> left=%defaultroute
> leftid=42.75.5.14 # Our actual local IP is  10.20.1.18, we are
> NATed going out
> leftsubnet=5.22.11.21/32
> right=168.42.68.5
> rightid=168.42.68.5
> rightsubnet=12.23.0.0/16
> keyexchange=ikev1
> ikelifetime=28800s
> ike=aes128-sha1-modp1024
> esp=aes128-sha1-modp1024
> keylife=3600m
> type=tunnel
> compress=no
> authby=secret
> auto=start
> 
> Notice that the last "bytes_i" shows 145s ago (ipsec statusall output):
> 
> vpn-juniper-prd:  %any...168.42.68.5  IKEv1
> vpn-juniper-prd:   local:  [42.75.5.14] uses pre-shared key authentication
> vpn-juniper-prd:   remote: [168.42.68.5] uses pre-shared key authentication
> vpn-juniper-prd:   child:  5.22.11.21/32 === 12.23.0.0/16 TUNNEL
> vpn-juniper-prd[1]: ESTABLISHED 110 minutes ago,
> 10.20.1.18[42.75.5.14]...168.42.68.5[168.42.68.5]
> vpn-juniper-prd[1]: IKEv1 SPIs: a8ed9dd3b567a578_i* 97dbd6dbb3683aa4_r,
> pre-shared key reauthentication in 5 hours
> vpn-juniper-prd[1]: IKE proposal:
> AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
> vpn-juniper-prd{44}:  REKEYED, TUNNEL, reqid 4, expires in 10 minutes
> vpn-juniper-prd{44}:   5.22.11.21/32 === 12.23.0.0/16
> vpn-juniper-prd{52}:  INSTALLED, TUNNEL, reqid 4, ESP SPIs: c3fdc693_i
> 9d90fe7f_o
> vpn-juniper-prd{52}:  AES_CBC_128/HMAC_SHA1_96, 24197112 bytes_i *(26366
> pkts, 145s ago*), 8889197 bytes_o (31780 pkts, 0s ago), rekeying in 10
> minutes
> vpn-juniper-prd{52}:   5.22.11.21/32 === 12.23.0.0/16
> 
> During that time, we still see packets going in/out via the eth0 interface :
> 
> 03:38:52.349565 IP 10.20.1.18 > 168.42.68.5:
> ESP(spi=0x9d90fe7f,seq=0x7c0f), length 132
> 03:38:52.363916 IP 168.42.68.5 > 10.20.1.18:
> ESP(spi=0xc3fdc693,seq=0x5cd3), length 132
> 03:38:52.548261 IP 168.42.68.5 > 10.20.1.18:
> ESP(spi=0xc3fdc693,seq=0x5cd4), length 100
> 03:38:52.564198 IP 168.42.68.5 > 10.20.1.18:
> ESP(spi=0xc3fdc693,seq=0x5cd5), length 100
> 03:38:53.357693 IP 10.20.1.18 > 168.42.68.5:
> ESP(spi=0x9d90fe7f,seq=0x7c10), length 132
> 03:38:53.371666 IP 168.42.68.5 > 10.20.1.18:
> ESP(spi=0xc3fdc693,seq=0x5cd6), length 132
> 03:38:54.365616 IP 10.20.1.18 > 168.42.68.5:
> ESP(spi=0x9d90fe7f,seq=0x7c11), length 132
> 03:38:54.379533 IP 168.42.68.5 > 10.20.1.18:
> ESP(spi=0xc3fdc693,seq=0x5cd7), length 132
> 03:38:55.250707 IP 168.42.68.5 > 10.20.1.18:
> ESP(spi=0xc3fdc693,seq=0x5cd8), length 100
> 03:38:55.373593 IP 10.20.1.18 > 168.42.68.5:
> ESP(spi=0x9d90fe7f,seq=0x7c12), length 132
> 03:38:55.387695 IP 168.42.68.5 > 10.20.1.18:
> ESP(spi=0xc3fdc693,seq=0x5cd9), length 132
> 
> 
> thanks,
> mahesh
> 
> 
> 
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 




signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Traffic Pauses to IKEv1 VPN with Juniper ISG 1000

[Thomas Egerer]

On 12/13/2015 10:18 PM, Mahesh Neelakanta wrote:
> Thomas, the vpn paused and I ran the IP spi command in looks like the
> replay-window keeps increasing. Any ideas what that means?
Yes, surely. The ip-xfrm framework uses a sliding window for replay
detection. This means only a certain number of packets (in your case 32)
less then the largest sequence number received are accepted. All packets
below that limit are dropped (increasing the replay-window counter).
This means your ESP-packets were reorderd and arrive in a different
order than they were sent. Depending on your underlying (encrypted)
traffic this can heal.
To take countermeasures, you may want to increase your replay window:
a) use the global charon.replay_window from strongswan.conf [1]
b) use the connection specific ipsec.conf option replay_window
  (available since strongswan 5.2.0) [2].
If this does not help, you can perform further investigation: take the
broken tunnel check if any inbound packets are received, or if all of
them are dropped. This can be done by running the iproute command 'ip -s
x s s spi ' prior to a 'tcpdump -w  -i
' for an arbitrary time (let's say one minute) and another
iproute2-command as described above *immediately* after tcpdump was
stopped. You can then analyze your received ESP-packets againts the
number of replay-window errors before and after the capturing. Also: all
inbound packets not dropped show up -- as Noel already pointed out -- in
plain text again, so you can compare your results from iproute to your
pcap file.

Cheers,
Thomas

[1] https://wiki.strongswan.org/projects/strongswan/wiki/StrongswanConf
[2] https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection
> 
> proto esp spi 0xc6ff382c(3338614828) reqid 2(0x0002) mode tunnel
> replay-window 32 seq 0x flag af-unspec (0x0010)
> auth-trunc hmac(sha1) 0xc609a31c3e5b7d6fa5267737c759fed017d2d6ea
> (160 bits) 96
> enc cbc(aes) 0x4fba8977e230c1155780f03a19b90111 (128 bits)
> lifetime config:
>   limit: soft (INF)(bytes), hard (INF)(bytes)
>   limit: soft (INF)(packets), hard (INF)(packets)
>   expire add: soft 3600(sec), hard 3600(sec)
>   expire use: soft 0(sec), hard 0(sec)
> lifetime current:
>   676746342(bytes), 703241(packets)
>   add 2015-12-13 20:39:21 use 2015-12-13 20:39:21
> stats:
> *  replay-window 533 replay 0 failed 0*
> 
> On Sun, Dec 13, 2015 at 3:50 PM, Mahesh Neelakanta <neelaka...@gmail.com>
> wrote:
> 
>> Thanks Thomas. I was able to run the "ip" command but it does look like
>> (as you mentioned) that CONFIG_XFRM_STATISTICS is disabled (this is the
>> amazon ubuntu 12.04 AMI). I'll try a newer release of amazon's own linux to
>> see if it has it installed before trying a kernel recompile. Right now the
>> ip command shows no errors (but i've restarted vpn) so i'll await it to
>> hang again.
>>
>> ip -s x s s spi 0xc6ff382c
>>
>> proto esp spi 0xc6ff382c(3338614828) reqid 2(0x0002) mode
>> tunnel
>> replay-window 32 seq 0x flag af-unspec (0x0010)
>> auth-trunc hmac(sha1) 0xc609a31c3e5b7d6fa5267737c759fed017d2d6ea
>> (160 bits) 96
>> enc cbc(aes) 0x4fba8977e230c1155780f03a19b90111 (128 bits)
>> lifetime config:
>>   limit: soft (INF)(bytes), hard (INF)(bytes)
>>   limit: soft (INF)(packets), hard (INF)(packets)
>>   expire add: soft 3600(sec), hard 3600(sec)
>>   expire use: soft 0(sec), hard 0(sec)
>> lifetime current:
>>       183887577(bytes), 191174(packets)
>>   add 2015-12-13 20:39:21 use 2015-12-13 20:39:21
>> *stats:*
>> *  replay-window 0 replay 0 failed 0*
>>
>>
>> On Sun, Dec 13, 2015 at 3:23 PM, Thomas Egerer <hakke_...@gmx.de> wrote:
>>
>>> Mahesh,
>>>
>>> run 'ip -s x s s spi <your_broken_inbound_spi' (as root) on your
>>> Linux-Box and check if your error statistics increase for the particular :
>>> 
>>> stats:
>>>   replay-window 0 replay 0 failed 0
>>> 
>>> Also: 'grep -vw 0 /proc/net/xfrm_stat' and check for increasing
>>> counters. You will probably have to rebuild your Linux-kernel for this,
>>> unless it has the CONFIG_XFRM_STATISTICS option enabled. If the file
>>> does exist you're lucky, if not -- like on current Debian systems -- you
>>> will have to recompile.
>>> The rationale behind this is that your inbound traffic gets dropped
>>> during inbound transformation. Reasons for this may vary: failed
>>> integrity checks, replay probl

Re: [strongSwan] Traffic Pauses to IKEv1 VPN with Juniper ISG 1000

[Thomas Egerer]

On 12/14/2015 12:00 AM, Mahesh Neelakanta wrote:
> Thanks Thomas. I (sort of) understand the issue. A few followup questions:
> 
> 1) If the packets are delivered out-of-order. Is there any specific reason
> that they aren't just dropped so that the higher level tcp level would just
> re-send?
Yes, but usually TCP runs congestion control algorithms (unless you're using
some kind of satellite optimized version or so), and hence interprets packet
loss as congestion situation, which leads to drastic perfomance penalty.
> 
> 2) With regards to talking a look at the packet captures; aside from
> knowing that they arrived out of order, anything in particular I should be
> looking for?  I realize this might be too general a question so no worries
> if an answer isn't possible.
You might want to check packet sizes to see if there is a pattern. To my
knowledge, small packets usually have a lower priority. Maybe you can
recognize a pattern.
> 
> *On a positive note*, right after noticing that the issue was related to
> replay window (and before i received your explanation)  I did re-start
> strongswan with charon.replay_window = 0 (apparently that disables it) and
> so far the traffic has not paused over the tunnel.  I'll also try
> increasing the replay_window at the next opportunity.
Yes, setting the replay size to 0 completely disables replay detection.
So yet *another* positive note: you don't have to recompile the kernel,
we found the reason for the packet loss :)

> thanks again to both you & noel for answering on a weekend!

You're welcome!

> mahesh

Cheers,
Thomas
> 
> On Sun, Dec 13, 2015 at 5:18 PM, Thomas Egerer <hakke_...@gmx.de> wrote:
> 
>> On 12/13/2015 10:18 PM, Mahesh Neelakanta wrote:
>>> Thomas, the vpn paused and I ran the IP spi command in looks like the
>>> replay-window keeps increasing. Any ideas what that means?
>> Yes, surely. The ip-xfrm framework uses a sliding window for replay
>> detection. This means only a certain number of packets (in your case 32)
>> less then the largest sequence number received are accepted. All packets
>> below that limit are dropped (increasing the replay-window counter).
>> This means your ESP-packets were reorderd and arrive in a different
>> order than they were sent. Depending on your underlying (encrypted)
>> traffic this can heal.
>> To take countermeasures, you may want to increase your replay window:
>> a) use the global charon.replay_window from strongswan.conf [1]
>> b) use the connection specific ipsec.conf option replay_window
>>   (available since strongswan 5.2.0) [2].
>> If this does not help, you can perform further investigation: take the
>> broken tunnel check if any inbound packets are received, or if all of
>> them are dropped. This can be done by running the iproute command 'ip -s
>> x s s spi ' prior to a 'tcpdump -w  -i
>> ' for an arbitrary time (let's say one minute) and another
>> iproute2-command as described above *immediately* after tcpdump was
>> stopped. You can then analyze your received ESP-packets againts the
>> number of replay-window errors before and after the capturing. Also: all
>> inbound packets not dropped show up -- as Noel already pointed out -- in
>> plain text again, so you can compare your results from iproute to your
>> pcap file.
>>
>> Cheers,
>> Thomas
>>
>> [1] https://wiki.strongswan.org/projects/strongswan/wiki/StrongswanConf
>> [2] https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection
>>>
>>> proto esp spi 0xc6ff382c(3338614828) reqid 2(0x0002) mode
>> tunnel
>>> replay-window 32 seq 0x flag af-unspec (0x0010)
>>> auth-trunc hmac(sha1) 0xc609a31c3e5b7d6fa5267737c759fed017d2d6ea
>>> (160 bits) 96
>>> enc cbc(aes) 0x4fba8977e230c1155780f03a19b90111 (128 bits)
>>> lifetime config:
>>>   limit: soft (INF)(bytes), hard (INF)(bytes)
>>>   limit: soft (INF)(packets), hard (INF)(packets)
>>>   expire add: soft 3600(sec), hard 3600(sec)
>>>   expire use: soft 0(sec), hard 0(sec)
>>> lifetime current:
>>>   676746342(bytes), 703241(packets)
>>>   add 2015-12-13 20:39:21 use 2015-12-13 20:39:21
>>> stats:
>>> *  replay-window 533 replay 0 failed 0*
>>>
>>> On Sun, Dec 13, 2015 at 3:50 PM, Mahesh Neelakanta <neelaka...@gmail.com
>>>
>>> wrote:
>>>
>>>> Thanks Thomas. I was able to run the "ip" command but it does look like
>>>> (as you mentioned) that CONFIG_XFRM_STATISTICS is disabled (this i

Re: [strongSwan] tearing my hair out over connection issue

[Thomas Egerer]

Raina,

Another idea. A quote from [1] says:

Convert a string of characters into a binary secret
A string between single or double quotes is treated as ASCII characters
A string prepended by 0x is treated as HEX and prepended by 0s as Base64


Have you tried the line

: PSK 0sdG9wc2VjcmV0

with your PSK base64-encoded (topsecret in my case) *no* *quotes*!

Optionionally you can try to convert your base64 key to hex:
> psk='dG9wc2VjcmV0'; echo ": PSK 0x$(echo -n $psk | \
  base64 -d | hexdump -v -e '1/1 "%02x"')"

which results in

: PSK 0x746f70736563726574

It *must* be the PSK.

Cheers,
Thomas

[1] src/libcharon/plugins/stroke/stroke_cred.c

On 12/12/2015 12:28 AM, Raina Matthews wrote:
> 
> 
> On 12/11/2015 11:00, Thomas Egerer wrote:
>> On 12/11/2015 07:27 PM, Raina Matthews wrote:> I wish I could say it was
>> commented out or set to no, but alas it is
>>> enabled and marked as yes
>> Dammit!
>>
>> Judging from your mail, your 'countless combinations of entering the
>> PSK' have covered all possibilities (quoted == ASCII, 0x-prefixed ==
>> hex, 0s-prefixed == base64) of encoding the PSK.
> I did try base64 encoding it, since that's how it's stored in the config
> I know works from shrewsoft.  others methods I'd have to say no, because
> I'm not 100% sure what you mean by them
>>
>> If you tell us the strongswan release you are using, the list may know
>> if you are sitting on a release that may have a general issue with PSK
>> (I personally do not know of any).
> strongSwan U5.1.2/K4.2.0-16-generic (ubuntu 15.04)
> but have also tried
> Linux strongSwan U5.3.2/K3.18.20 (openwrt)
>>
>> It seems, you already browsed through [1].
> yes I did.  it's where I got alot of possibile options that I've thrown
> into my config
>>
>> Any other clues in the log. Maybe posting a bit more log context can
>> enlighten us.
> 
> the charon.log I have is fairly sparse
> 
> Dec 11 23:02:40 04[IKE] <home|3> initiating Aggressive Mode IKE_SA
> home[3] to xxx.xxx.xxx.xxx
> Dec 11 23:02:40 04[ENC] <home|3> generating AGGRESSIVE request 0 [ SA KE
> No ID V V V V V ]
> Dec 11 23:02:40 04[NET] <home|3> sending packet: from 0.0.0.0[500] to
> 67.91.221.141[500] (410 bytes)
> Dec 11 23:02:40 03[NET] <home|3> received packet: from
> xxx.xxx.xxx.xxx[500] to 192.168.1.101[500] (328 bytes)
> Dec 11 23:02:40 03[ENC] <home|3> parsed AGGRESSIVE response 0 [ SA KE No
> ID V HASH ]
> Dec 11 23:02:40 03[IKE] <home|3> received DPD vendor ID
> Dec 11 23:02:41 03[IKE] <home|3> calculated HASH does not match HASH
> payload
> Dec 11 23:02:41 03[ENC] <home|3> generating INFORMATIONAL_V1 request
> 2698162911 [ HASH N(AUTH_FAILED) ]
> Dec 11 23:02:41 03[NET] <home|3> sending packet: from 192.168.1.101[500]
> to xxx.xxx.xxx.xxx[500] (92 bytes)
> 
> I don't really have any logs from the otherside when strongswan
> connects.however I do when I connect via the iOS ipsec client.
> 
> Dec 11 15:24:09 ForteXTM330 80BD06A80D951 (2015-12-11T23:24:09)
> iked[735]: (10.4.100.69<->yyy.yyy.yyy.yyy)Process INFO_EXCHANGE :
> Invalid payload 250
> Dec 11 15:24:10 ForteXTM330 80BD06A80D951 (2015-12-11T23:24:10)
> admd[739]: msg_id="1100-0004" Authentication of MUVPN user
> [AuthorizedUsernamehere] from 66.60.177.6 accepted
> Dec 11 15:24:10 ForteXTM330 80BD06A80D951 (2015-12-11T23:24:10)
> sessiond[721]: msg_id="3E00-0002" IPSec VPN user AuthorizedUsernamehere
> from yyy.yyy.yyy.yyy logged in assigned virtual IP is 10.10.10.80
> Dec 11 15:24:15 ForteXTM330 80BD06A80D951 (2015-12-11T23:24:15)
> iked[735]: (10.4.100.69<->yyy.yyy.yyy.yyy)Check Payloads : extra
> payload(218) after HASH in QuickMode current state
> Dec 11 15:24:15 ForteXTM330 80BD06A80D951 (2015-12-11T23:24:15)
> iked[735]: (10.4.100.69<->yyy.yyy.yyy.yyy)IkeQMProcessHashMsg :
> IkeCheckPayloads failed
> Dec 11 15:24:15 ForteXTM330 80BD06A80D951 (2015-12-11T23:24:15)
> iked[735]: (10.4.100.69<->yyy.yyy.yyy.yyy)QuickMode: <<3rd - failed to
> process HASH payload
> Dec 11 15:24:15 ForteXTM330 80BD06A80D951 (2015-12-11T23:24:15)
> iked[735]: msg_id="0207-0001" (10.4.100.69<->yyy.yyy.yyy.yyy)'GROUPNAME'
> MUVPN IPSec tunnel is established. local:0.0.0.0 remote:10.10.10.80/32
> in-SA:0xb0526314 out-SA:0x0fd52ea8 role:responder
> 
> not having really looked at these that closely before on a successful
> connect, I do notice that there are hash failure references here too  I
> wonder if this could mean that they're all failing on hash, but other
> clients are continuing to do something, while strongswan is stopping?
>>
>> Cheers,
>> Thomas
>>
>> [1

Re: [strongSwan] tearing my hair out over connection issue

[Thomas Egerer]

Hi Raina,

top posting, it's short!
I see you're using aggressive mode with PSK, so does your
strongswan.conf contain the line:

i_dont_care_about_security_and_use_aggressive_mode_psk=yes

in the charon section?
Hope this keeps you from going bald!

Cheers,
Thomas

On 12/11/2015 12:28 AM, Raina Matthews wrote:
> over the past week, I've spent anywhere from 2 to 4 hrs a night trying
> to figure out why my connection is failing
> 
> I'm getting an error :-
> 
> calculated HASH does not match HASH payload
> 
> 
> now looking over other references to this, it indicates my PSK is wrong.
> so I have tried countless combinations of entering said PSK into my
> ipsec.secrets file, and still no joy,
> 
> I know that the PSK is right, based on a number of factors.  1) my Ipad
> can connect using this same PSK. 2) I can connect via shrewsoft on
> windows 7 using the same psk, and 3)  I can get 'further' with vpnc
> using the same PSK
> 
> so if my PSK is right, then either 1) I've got it entered in the wrong
> manner in my secrets file, or 2) there's some issue with encryption
> methods/handshakes thats causing the server to return one value and
> strongswan to send another.
> 
> in my secrets file I have
> 
> xxx.xxx.xxx.xxx : PSK ""
> 
> I have tried the external IP of the box that runs the ipsec VPN, and
> also the internal IP (since it's natted in some way I didn't setup). 
> Also reading something else somewhere there was the suggestion of using
> the Group ID, and another of leaving it blank and just having
> 
> : PSK ""
> 
> all end up with the same error
> 
> so that makes me think there's some encryption handshake type issue. 
> according to the shrewfsoft configuration which is known to work, it states
> 
> s:phase1-cipher:aes
> n:phase1-keylen:256
> s:phase1-hash:sha1
> n:phase1-dhgroup:2
> 
> which to me means I need
> ike=aes256-sha1-modp1024 in my configuration
> 
> it also has entries
> 
> s:phase2-transform:esp-aes
> n:phase2-keylen:256
> s:phase2-hmac:sha1
> 
> which to me means I need
> esp=aes256-sha1
> 
> I've included below a copy of my current config, but I say current
> because I keep changing bits here and there in the hope that it'll
> suddenly start working, but throughout I've ended up with the same hash
> calculation error
> 
> can anyone help?
> 
> version 2
> config setup
> charondebug="ike 4, knl 4, cfg 4, enc 4, esp 4, chd 4"
> conn %default
> ikelifetime=60m
> keylife=20m
> rekeymargin=3m
> keyingtries=1
> keyexchange=ikev1
> authby=xauthpsk
> conn home
> left=192.168.219.137
> leftsourceip=%config
> keyexchange=ikev1
> ike=aes256-sha1-modp1024
> esp=aes256-sha1
> ikelifetime=1440m
> keylife=60m
> aggressive=yes
> leftid=
> leftauth=psk
> leftauth2=xauth
> leftfirewall=yes
> rightfirewall=yes
> right=xxx.xxx.xxx.xxx
> rightid=%any
> rightsourceip=%modeconfig
> rightauth=psk
> xauth_identity=MyUser
> auto=add
> xauth=client
> dpdtimeout=180s
> rekeymargin=3m
> keyingtries=1
> fragmentation=yes
> 
> 
> 
> 
> 
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users




signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] tearing my hair out over connection issue

[Thomas Egerer]

On 12/11/2015 07:27 PM, Raina Matthews wrote:> I wish I could say it was
commented out or set to no, but alas it is
> enabled and marked as yes
Dammit!

Judging from your mail, your 'countless combinations of entering the
PSK' have covered all possibilities (quoted == ASCII, 0x-prefixed ==
hex, 0s-prefixed == base64) of encoding the PSK.

If you tell us the strongswan release you are using, the list may know
if you are sitting on a release that may have a general issue with PSK
(I personally do not know of any).

It seems, you already browsed through [1].

Any other clues in the log. Maybe posting a bit more log context can
enlighten us.

Cheers,
Thomas

[1] https://lists.strongswan.org/pipermail/users/2015-September/008758.html
>
> On 12/11/2015 00:04, Thomas Egerer wrote:
>> Hi Raina,
>>
>> top posting, it's short!
>> I see you're using aggressive mode with PSK, so does your
>> strongswan.conf contain the line:
>>
>> i_dont_care_about_security_and_use_aggressive_mode_psk=yes
>>
>> in the charon section?
>> Hope this keeps you from going bald!
>>
>> Cheers,
>> Thomas
>>
>> On 12/11/2015 12:28 AM, Raina Matthews wrote:
>>> over the past week, I've spent anywhere from 2 to 4 hrs a night trying
>>> to figure out why my connection is failing
>>>
>>> I'm getting an error :-
>>>
>>> calculated HASH does not match HASH payload
>>>
>>>
>>> now looking over other references to this, it indicates my PSK is wrong.
>>> so I have tried countless combinations of entering said PSK into my
>>> ipsec.secrets file, and still no joy,
>>>
>>> I know that the PSK is right, based on a number of factors.  1) my Ipad
>>> can connect using this same PSK. 2) I can connect via shrewsoft on
>>> windows 7 using the same psk, and 3)  I can get 'further' with vpnc
>>> using the same PSK
>>>
>>> so if my PSK is right, then either 1) I've got it entered in the wrong
>>> manner in my secrets file, or 2) there's some issue with encryption
>>> methods/handshakes thats causing the server to return one value and
>>> strongswan to send another.
>>>
>>> in my secrets file I have
>>>
>>> xxx.xxx.xxx.xxx : PSK ""
>>>
>>> I have tried the external IP of the box that runs the ipsec VPN, and
>>> also the internal IP (since it's natted in some way I didn't setup).
>>> Also reading something else somewhere there was the suggestion of using
>>> the Group ID, and another of leaving it blank and just having
>>>
>>> : PSK ""
>>>
>>> all end up with the same error
>>>
>>> so that makes me think there's some encryption handshake type issue.
>>> according to the shrewfsoft configuration which is known to work, it
>>> states
>>>
>>> s:phase1-cipher:aes
>>> n:phase1-keylen:256
>>> s:phase1-hash:sha1
>>> n:phase1-dhgroup:2
>>>
>>> which to me means I need
>>> ike=aes256-sha1-modp1024 in my configuration
>>>
>>> it also has entries
>>>
>>> s:phase2-transform:esp-aes
>>> n:phase2-keylen:256
>>> s:phase2-hmac:sha1
>>>
>>> which to me means I need
>>> esp=aes256-sha1
>>>
>>> I've included below a copy of my current config, but I say current
>>> because I keep changing bits here and there in the hope that it'll
>>> suddenly start working, but throughout I've ended up with the same hash
>>> calculation error
>>>
>>> can anyone help?
>>>
>>> version 2
>>> config setup
>>>  charondebug="ike 4, knl 4, cfg 4, enc 4, esp 4, chd 4"
>>> conn %default
>>>  ikelifetime=60m
>>>  keylife=20m
>>>  rekeymargin=3m
>>>  keyingtries=1
>>>  keyexchange=ikev1
>>>  authby=xauthpsk
>>> conn home
>>>  left=192.168.219.137
>>>  leftsourceip=%config
>>>  keyexchange=ikev1
>>>  ike=aes256-sha1-modp1024
>>>  esp=aes256-sha1
>>>  ikelifetime=1440m
>>>  keylife=60m
>>>  aggressive=yes
>>>  leftid=>> field>
>>>  leftauth=psk
>>>  leftauth2=xauth
>>>  leftfirewall=yes
>>>  rightfirewall=yes
>>>  right=xxx.xxx.xxx.xxx
>>>  rightid=%any
>>>  rightsourceip=%modeconfig
>>>  rightauth=psk
>>>  xauth_identity=MyUser
>>>  auto=add
>>>  xauth=client
>>>  dpdtimeout=180s
>>>  rekeymargin=3m
>>>  keyingtries=1
>>>  fragmentation=yes
>>>
>>>
>>>
>>>
>>>
>>> ___
>>> Users mailing list
>>> Users@lists.strongswan.org
>>> https://lists.strongswan.org/mailman/listinfo/users
>>
>>
>>
>> ___
>> Users mailing list
>> Users@lists.strongswan.org
>> https://lists.strongswan.org/mailman/listinfo/users
>
>
>
>
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
>




signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] PEM vs DER certificate format

[Thomas Egerer]

Hello Martin,

as much as I can understand your anger about your broken strongswan
configuration, I would like to remind you that you're using a *free
of charge* software maintained by a number of very, very capable
people with a *top of the notch* documentation and support. You should
treat them with the respect they deserve and compose your mails
accordingly.
Consideringyour issue:

On 12/03/2015 04:20 PM, Martin Lund wrote:
> Hello,
> 
> Today I started to reconfiguring an existing StrongSwan 4.4 <>StrongSwan 4.4 
> vpn because the certs are about to expire soon.
Are you upgrading your strongswan or sticking to 4.4? If you're
sticking to your old version, then why would you think a change of
cert-encoding is required?

> 
> I was surprised that the current documentation on the strongswan site suggest 
> to use some .DER (Binary) certification format:
> 
> https://wiki.strongswan.org/projects/1/wiki/SimpleCA
PEM support is available in any strongswan-version shipped, as long as
the pem plugin is loaded. You will not have to convert to DER for that
matter.

> 
> Why is this? Why did you had to change something which was working for years?
> Where do I even see the expiration date of this .der file?
> 
> At the old .PEM certificates at least it was obvious because I could set the 
> number of days for expiration:
> https://www.strongswan.org/docs/readme4.htm
It seems you totally misunderstand the concept of certificate encoding.
PEM and DER are certificate formats (the former is ASCII-armored,
the latter binary). Refer to [1]. Otherwise it's simple to employ
openssl for a format conversion from PEM to DER and vice versa:
> openssl x509 inform (pem|der) -in cert -out converted -outform (der|pem)
Even pki itself has tons of options (including pem/der handling and
validity options [2]).

> 
> Considering that this .der identified by unix file as "data", it is junk for 
> other devices like routers. How is this any better from .pem?
That's entirely wrong. It's a fact that the 'file'-binary does not
recognize it as ASN.1 (the encoding of the file), but if you run
dumpasn1 [3] on a DER file you will be suprised about the output.
I'm not sure if routers consider the file as junk, but you would you
store the certificates on a router?

> 
> After replacing the old .pems with .ders and restarting the vpn nodes I got 
> id 'blahblah.com' not confirmed by certificate, defaulting to ... message so 
> I had to remove the leftid/rightid directives which just making the config 
> more secure but not even after this worked...
This warning is issued if the identity configured in strongswan.conf
cannot be found in the certificate. If you supply more information to
the list, I'm sure that someone will be able to help you.

> On Server:
> 
> Dec  3 14:01:08 vpntest1 charon: 14[CFG] no matching peer config found
> Dec  3 14:01:08 vpntest1 charon: 14[IKE] peer supports MOBIKE
> Dec  3 14:01:08 vpntest1 charon: 14[ENC] generating IKE_AUTH response 1 [ 
> N(AUTH_FAILED) ]
> 
> On Client:
> Dec  3 14:01:08 vpntest2 charon: 05[ENC] parsed IKE_AUTH response 1 [ 
> N(AUTH_FAILED) ]
> Dec  3 14:01:08 vpntest2 charon: 05[IKE] received AUTHENTICATION_FAILED 
> notify error
Post your configuration along with more log information and the list
will be able to inspect your issue. Your log lacks information about IDs
and what charon is looking for, so noone will be able to solve your
problem based on these sparse infos.

> What no matching peer configuration? The server does not have to have any 
> config files just it's own key+cert+cacert.
> 
> Please remove this new "der tutorial" from your website asap so people don't 
> even see it
> 
It's ridiculous to ask for the removal. If you think an important piece
of information is missing from the page, then go ahead and add it. It's
a wiki after all.

Cheers,
Thomas

P.S.: Calm down!


[1]
https://support.ssl.com/Knowledgebase/Article/View/19/0/der-vs-crt-vs-cer-vs-pem-certificates-and-how-to-convert-them
[2] https://wiki.strongswan.org/projects/strongswan/wiki/IpsecPkiSelf
[3] https://www.cs.auckland.ac.nz/~pgut001/



signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Multiple Peers/Proposals Connection Failure

[Thomas Egerer]

Hello Andreas,

On 11/24/2015 10:22 AM, Andreas Steffen wrote:
> Hi,
> 
> this is a general problem with roadwarrior connection templates
> where the two IKE_SAs are not bound to a remote IP address
> but to two different IKE IDs. Since the IDi is transmitted
> in the encrypted IKE_SA request message the IKE_SA cipher
> suite must be chosen before the identity becomes known.
> 
> strongSwan does not try find a match for a common cipher suite
> but just chooses the first connection where remote_addrs = %any.
Just out of curiosity: wouldn't it be possible to add all possible IKE
configs (i.e. with the same priority value) to a list of candidates, to
resume the negotiation and later select the one matching the proposals
best? Of course during IKE_AUTH when the constraints are checked the
setup of the SA may still fail due to an ID mismatch. This would solve
Cem's without concatenating the proposals, or is there anything which
arguments against this idea?
> [...]

Cheers,
Thomas




signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] No reciept of packets

[Thomas Egerer]

On 11/05/2015 04:14 PM, souhail sou wrote:
> Hello all, 
> 
> When starting my connection, I get the following output:
> initiating IKE_SA rw[2] to fd81:2041:94e6:1:b499:4837:54cd:e82c
> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) 
> N(HASH_ALG) ]
> sending packet: from fd81:2041:94e6:1:921b:eff:fe4b:e4d9[500] to 
> fd81:2041:94e6:1:b499:4837:54cd:e82c[500] (724 bytes)
> retransmit 1 of request with message ID 0
> sending packet: from fd81:2041:94e6:1:921b:eff:fe4b:e4d9[500] to 
> fd81:2041:94e6:1:b499:4837:54cd:e82c[500] (724 bytes)
Your packets do
a) not reach the responder (fd81:2041:94e6:1:b499:4837:54cd:e82c), or
b) do not reach the initiator (fd81:2041:94e6:1:921b:eff:fe4b:e4d9)

Check your network connection and your peer to see where your packets
are dropped.

Cheers,
Thomas
> 
> 
> My ipsec.conf :
> vi /usr/local/etc/ipsec.conf:
> # /etc/ipsec.conf - strongSwan IPsec configuration file
> 
> config setup
> 
> conn %default
> ikelifetime=60m
> keylife=20m
> rekeymargin=3m
> keyingtries=1
> keyexchange=ikev2
> authby=secret
> 
> conn rw
> left=fd81:2041:94e6:1:921b:eff:fe4b:e4d9
> rightauth=psk
> leftauth=psk
> right=fd81:2041:94e6:1:b499:4837:54cd:e82c 
> auto=add
> 
> For the pre shared key is the following 
> vi /usr/local/etc/ipsec.secrets 
> fd81:2041:94e6:1:b499:4837:54cd:e82c : PSK 0sjVzONCF02ncsgiSlmIXeqhGN
> 
> Is there someone who have any idea to resolve it .Thanks in adavance, 
> 
> 
> 
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 




signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Configurable core dump path?

[Thomas Egerer]

On 04/21/2015 02:47 PM, Ruel, Ryan wrote:
 Is there a way to configure charon to generate a core dump to a configured 
 path?
 
 /Ryan
 
 
 
 
 ___
 Users mailing list
 Users@lists.strongswan.org
 https://lists.strongswan.org/mailman/listinfo/users
 
Hi Ryan,

checked core(5), section 'Naming of core dump files'?

Thomas
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] query in child_cfg_create() function in file android_service.c

[Thomas Egerer]

Hi Ravi,

please address dev-related questions to the strongswan-dev mailing
list only. My reply will follow there in a jiff.

Regards, Thomas

On 01/14/2015 04:57 PM, Ravi Kanth Vanapalli wrote:
 Dear all,
 
   I have a query in the prototype for function child_cfg_create()
 I am writing it below for your quick reference..
  What does the 4th parameter 'hostaccess' mean ?
 
 Description reads below
 
 '@param hostaccess TRUE to allow access to the local host'
 'access' refers to accessing the IKE_SA  or ipsec SA or.. access is related
 to usability of the tunnel.
 
 Kindly help me understand this hostaccess attribute
 
 
 child_cfg_t *child_cfg_create(char *name, lifetime_cfg_t *lifetime,
   char *updown, bool hostaccess,
   ipsec_mode_t mode, action_t start_action,
   action_t dpd_action, action_t close_action,
   bool ipcomp, u_int32_t inactivity, u_int32_t reqid,
   mark_t *mark_in, mark_t *mark_out, u_int32_t tfc);
 
 
 
 
 ___
 Users mailing list
 Users@lists.strongswan.org
 https://lists.strongswan.org/mailman/listinfo/users
 




signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] received retransmit of response with ID 0, but next request already sent

[Thomas Egerer]

Hi Axel,

On 10/28/2014 07:11 PM, Axel Zöllich wrote:
 Hi Thomas,
 
 Can you please do the following:
 'ipsec stroke loglevel ike 4' # this should show us the
 keying material (unlike my first advice it's the ike
 facility, not the enc facility).


 Then try to get your draytek to initiate the connection
 so we can see if the packets can be
 a) decrypted
 b) authenticated using PSK
 
 
 1831_charon.log: Connection initiated through a cleint behind the draytek. 
 This one seems to work well.

Yes, the CHILD_SA (aka quick mode) is established just fine:
Oct 27 17:22:17 02[IKE] jung|1831 CHILD_SA jung{138} established
with SPIs c425b5e3_i bf113ad0_o and TS 192.168.222.0/24 === 192.168.1.0/24

it is however torn down just a minute later:
Oct 27 17:23:16 04[IKE] jung|1831 queueing QUICK_DELETE task

and I cannot see why from the log (it looks filtered, maybe it's
some inactivity DPD-timeout?)
And the good news is, that it's being used:
snip
   jung{157}:  INSTALLED, TUNNEL, ESP SPIs: c26199e4_i bf114b96_o
jung{157}:  3DES_CBC/HMAC_SHA1_96, 1156392 bytes_i (21119 pkts, 0s
ago), 39480312 bytes_o (38561 pkts, 0s ago), rekeying in 5 hours
snap
You could use iproute2 to check for potential errors in decryption/
auth by calling 'ip -s x s s' (check out 'ip x s h' for information
on how to filter the results).

 1875_charon.log: Initiated from my side.
 the first attempt stays in connecting state the second one succeeds.
 
 initiating Main Mode IKE_SA jung[1876] to 217.86.257.203
 generating ID_PROT request 0 [ SA V V V V ]
 sending packet: from 80.152.262.292[500] to 217.86.257.203[500] (192 bytes)
 received packet: from 217.86.257.203[500] to 80.252.162.292[500] (124 bytes)
 parsed ID_PROT response 0 [ SA V V ]
 received DPD vendor ID
 received NAT-T (RFC 3947) vendor ID
 generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
 sending packet: from 80.152.262.292[500] to 217.86.257.203[500] (372 bytes)
 received packet: from 217.86.257.203[500] to 80.152.262.292[500] (356 bytes)
 parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
 generating ID_PROT request 0 [ ID HASH ]
 sending packet: from 80.152.262.292[500] to 217.86.257.203[500] (68 bytes)
 received packet: from 217.86.257.203[500] to 80.152.262.292[500] (356 bytes)
 received retransmit of response with ID 0, but next request already sent
 
 Security Associations (4 up, 0 connecting):
 jung[1879]: ESTABLISHED 7 minutes ago, 
 80.152.262.292[217.86.257.203]...217.86.257.203[217.86.257.203]
 jung[1879]: IKEv1 SPIs: add629d01fbfff80_i 04f9c350f91efff4_r*, 
 rekeying 
 in 23 hours
 jung[1879]: IKE proposal: 3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1536
 jung{157}:  INSTALLED, TUNNEL, ESP SPIs: c26199e4_i bf114b96_o
 jung{157}:  3DES_CBC/HMAC_SHA1_96, 1156392 bytes_i (21119 pkts, 0s 
 ago), 39480312 bytes_o (38561 pkts, 0s ago), rekeying in 5 hours
 jung{157}:   192.168.222.0/24 === 192.168.1.0/24 
 jung[1876]: CONNECTING, 
 80.152.162.192[217.86.257.203]...217.86.257.203[%any]
 jung[1876]: IKEv1 SPIs: 133dde7fcdc170c2_i* 55906950f6a25cef_r
 jung[1876]: IKE proposal: 
 3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
 jung[1876]: Tasks queued: QUICK_MODE 
 jung[1876]: Tasks active: ISAKMP_VENDOR MAIN_MODE 
 
 
 After some cycles like 1875 there are only connecting tries left.

Again: I can't see from the log why the ESTABLISHED SAs get torn down.

Let's summarize: Dray acting as initiator seems to work (you should
get traffic through the tunnel), the tunnel won't persist for long.
Charon being initiator won't work since Dray seems to refuse to
establish the CHILD (hence the retransmits, I guess). So it's
definitely not a problem with the IKE-Keys and most likely none with
the CHILD-keys, too.
When it comes to the retransmissions of the Dray, it looks to me like
a misbehaving state machine on it's side. IKE-SA, as well as CHILD_SA
are established (lines 333, 334 resp. 357 in the 1875 log), yet it
keeps retransmitting the packets (that's why charon can't retransmit
the appropriate response: 'received retransmit of response with ID 0,\
   but next request already sent'
I don't want to point any fingers but it looks like a problem on
their side. Maybe they already know about that. You should contact
them and ask for support.
Quite frankely, I'm out of ideas here.

Cheers,
Thomas
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] received retransmit of response with ID 0, but next request already sent

[Thomas Egerer]

Axel, just another idea: maybe your peer and charon don't
have the same understanding of the key exchange and derive
a different shared secret. Hence the failure with the first
encrypted packet. Can you initiate the tunnel from the
other side? If you set the log facility enc to level 4 ([1])
you should see some helpful information in your log (with
a debug version you can even see the keys!).

Cheers,
Thomas

[1] 'stroke loglevel enc 4'
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] *** GMX Spamverdacht *** no trusted RSA public key found for ip

[Thomas Egerer]

Hello Justin,

On 09/30/2014 06:45 PM, Justin Michael Schwartzbeck wrote:
 Hello,
 
 I am trying to set up a strongswan client connection to a vpn endpoint. I
 had it working before, but have updated the certificates, including the CA
 certificate, the client certificate and the client private key. When I try
 ipsec up client I get the following error:
 
 
 
 
 
 *received end entity cert vpnserver.domain.com
 http://vpnserver.domain.com, O=companyno trusted RSA public key found
 for 'vpn server ip'generating INFORMATIONAL request 2 [ N(AUTH_FAILED)
 ]sending packet: from client ip[4500] to vpn server ip[4500] (76
 bytes)establishing connection 'client' failed*
You most likely forgot to add your private key to the ipsec.secrets file.
See ipsec.secrets(5) for more information on this topic.

Cheers,
Thomas




signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Issue with DES Encryption Algorithm

[Thomas Egerer]

Hello *,

On 08/21/2014 12:16 PM, Andreas Steffen wrote:
 Hi Chinmaya,
 
 I configured a VPN setup with ike=des-sha1-modp768! using
 strongSwan 5.2.0 but I could not reproduce your problem.
 My IKEv2 connection just came up nicely, even though the chosen
 cipher suite gives me goose bumps.
 
 Best regards
 
 Andreas
 
 On 08/21/2014 04:31 AM, Chinmaya Dwibedy wrote:
  
 Hi ,
  
 Can anyone please respond to this email? Note that, I am using default
 gmp library and load tester plugin .
   ^^^ from what I see, this plugin has never supported DES.

Cheers, Thomas
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] CHILD SA and PFS

[Thomas Egerer]

Hi Emeric,

On 08/04/2014 10:11 AM, Emeric POUPON wrote:
 Hello,
 
 Thanks for your answer!
 You are right, the initial CHILD_SA is negociated during the IKE_AUTH 
 exchange.
 I do see a rekey of the CHILD_SA, and there is indeed a PFS included.
 
 However, there is a questionable situation in the case the initiator and the 
 responder sides do not share the same 'esp' PFS group (I set the initiator's 
 lifetime to 3m for testing purposes)
 - The first CHILD_SA is created on both sides using IKE_AUTH.
 - When the rekey occurs, the responder tells the initiator that no suitable 
 proposal has been chosen. Furthermore the responder keeps the current IKE and 
 CHILD SAs.
 - The initiator then shows a 'rekeing active' status but its SA ends up 
 killed by the kernel.
 - The initiator has to wait for the IKE SA rekey to get the CHILD SA up again.
If initiator and responder do not share any PFS group,
what would you expect the IKE-daemon to do? This is a
broken configuration which only happens to work since
the first CHILD_SA is established piggy-bagging the
IKE_AUTH exchange.

Cheers,
Thomas
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] CHILD SA and PFS

[Thomas Egerer]

Hi Emeric

On 08/01/2014 04:05 PM, Emeric POUPON wrote:
 Hello,
 
 I have some problems enabling PFS on the CHILD SA.
 I'm using strongswan 5.2.0 on FreeBSD.
 
 Here are the site configurations:
looks good.
However [1], the IKE_AUTH exchange responsible for
establishing the *first* CHILD_SA does not include a key exchange
(KE), whereas [2], the CREATE_CHILD_SA exchange responsible
for creating (subsequent), or rekeying children, does include
an (optional) key exchange ([KE]).
If you wait for the configured keylife of =60 minutes, you
should see a rekeying of the CHILD_SA take place, including
the configured PFS-group.

Cheers,

Thomas

[1] http://tools.ietf.org/html/rfc5996#appendix-C.2
[2] http://tools.ietf.org/html/rfc5996#appendix-C.4
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] HA resync issue

[Thomas Egerer]

Hi Emeric,

On 08/01/2014 06:22 PM, Emeric POUPON wrote:
 Hello,
 
 I'm running Strongswan 5.2.0 on FreeBSD security gateways.
 
 I set up a Active/Passive HA cluster.
 I successfully created 300 connections thanks to another remote gateway using 
 strongswan's load-tester plugin.
 = the passive node has been correctly synchronized.
 
 I then decided to bring down the passive node and bring it up shortly after.
 
 The wiki says:
 Synchronizing CHILD_SAs is not possible using the cache, as the messages do 
 not contain sequence number information managed in the kernel. To reintegrate 
 a node, the active node initiates rekeying on all CHILD_SAs. The new CHILD_SA 
 will be synchronized, starting with fresh sequence numbers in the kernel. 
 CHILD_SA rekeying is inexpensive, as it usually does not include a DH 
 exchange.
 
 (BTW, why would the CHILD SA rekey not include a DH exchange?)
Because by default, PFS is not enabled for children by
default (proposal_t::proposal_create_default).
 Indeed the active node rekeys the 300 CHILD SA in a few seconds, but the 
 passive node gets synchronized with only few CHILD SA (about 30).
 
 Logs:
 ...
 Aug  1 16:15:16 02[CFG] sample-psk|9 installed HA passive IKE_SA 
 'sample-psk' 
 172.18.0.53[srv.strongswan.org]...172.18.0.54[c108-r1.strongswan.org]
 Aug  1 16:15:16 02[CFG] sample-psk|10 installed HA passive IKE_SA 
 'sample-psk' 
 172.18.0.53[srv.strongswan.org]...172.18.0.54[c20-r1.strongswan.org]
 
 And then a lot of errors like that:
 ...
 Aug  1 16:15:16 02[CFG] passive HA IKE_SA to update not found
 ...
 Aug  1 16:15:16 02[CHD] IKE_SA for HA CHILD_SA not found
 ...
 Aug  1 16:15:16 02[CHD] 11 HA is missing nodes child configuration
 ...
 
 Any idea?
This can happen if the passive node is
- not able to check out the IKE_SA to be updated (case 1)
- not able to check out the IKE_SA it should add a child to (case 2)
- not able to find a configuration matching the one used in
  the HA CHILD_SA update (case 3)

which to me looks like your passive node does not have all the
configurations required for the synchronization.
If a passive node comes up it requests an immediate resync
by the active node. This node pushes all established IKE_SAs
(from ha_cache) to the passive node. I've seen cases that
failed the sync, if the configs were not identical.
Maybe a race condition that resync is faster than your backend
loading the configs? In that case 'stroke statusall' should
list a lot of (unnamed) IKE_SAs, the ones that were not synced
properly.

Cheers,

Thomas
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] ipsec statusall not responding

[Thomas Egerer]

On 05/11/2014 07:27 AM, Nanda Gopal wrote:
 Hi,
 
 I have a IPSec setup, which has 8 IKEv1 or 8 IKEv2  Protect Policies 
 configured, tunnels established successfully with the Security gateway.
 An application program reads the   ipsec statusall output and based on the 
 tunnel unavailability, will modify the ipsec.conf with a new right id and 
 performs ipsec update, resulting in a new tunnel getting established.
Hi,

I don't know if this helps, since if you are out of worker
threads, this will not work either, but since strongswan
4.5.3 you can call 'ipsec statusallnb' where nb stands for
non-blocking. It should be noted, that there is a chance
you may not see all SAs with this command.

Cheers, Thomas



signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] StrongSwan: DHCP server configuration

[Thomas Egerer]

On 01/06/2014 07:29 AM, vivek singh wrote:
 Hello,
 
  
 
 Is it possible to use a local DHCP server within the same IPSec Server to
 get IP address for remote rw ?
 
 If yes please suggest me a way to hide my local DHCP server from other
 devices on lan.
Hi Vivek,

isn't a memory based IP address pool what you want:

http://www.strongswan.org/uml/testresults4/ikev2/ip-pool/

Cheers,

Thomas

___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] strongswan-5.1.1 with 4.xx, tunnel pb

[Thomas Egerer]

On 01/05/2014 10:50 PM, s s wrote:
 Hello,
 
 I made some homework and found out different elements, which may help to 
 troubleshoot.
 
 This packet was a large packet and was sent as two UDP fragments.
 What looked like to be a packet fragmentation, in fact appeared to be two 
 different CAs sent in the key exchange.
 I had 2 CAs in the cacert folder due to the coming expiration of one of 
 them. So I removed the expired one and the packet duplication was solved.
 
 Now comes to the other issues, which I am unable to resolve.
 I tried to switch to the IKE v1.
 
 The initial authentication is successful: 
 root@bt:/etc/ipsec.d# ipsec up karmaIKE2
 initiating IKE_SA karmaIKE2[4] to 192.168.4.10
 generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
 sending packet: from 10.0.2.15[500] to 192.168.4.10[500]
 received packet: from 192.168.4.10[500] to 10.0.2.15[500]
 parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ 
 N(MULT_AUTH) ]
 local host is behind NAT, sending keep alives
 authentication of 'b...@hmnet.ucp' (myself) with RSA signature successful
 
 
 establishing CHILD_SA karmaIKE2  -- this step fails
 generating IKE_AUTH request 1 [ IDi CERT CERTREQ IDr AUTH SA TSi TSr 
 N(MOBIKE_SUP) N(NO_ADD_ADDR) N(MULT_AUTH) ]
 sending packet: from 10.0.2.15[4500] to 192.168.4.10[4500]
 retransmit 1 of request with message ID 1
 sending packet: from 10.0.2.15[4500] to 192.168.4.10[4500]
 
 
 Examining the other side logs gives: 
 Jan  5 18:30:45 karma charon: 04[CFG] received proposals: 
 ESP:AES_CBC_128/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ, 
 ESP:3DES_CBC/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ 
 Jan  5 18:30:45 karma charon: 04[CFG] configured proposals: 
 ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ, 
 ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ, 
 ESP:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC/BLOWFISH_CBC_256/HMAC_SHA1_96/AES_XCBC_96/HMAC_MD5_96/NO_EXT_SEQ
  
 Jan  5 18:30:45 karma charon: 04[IKE] no matching proposal found, sending 
 NO_PROPOSAL_CHOSEN 
Hi Serge,

since you have not added an 'esp=encryption-integrity[-dhgroup][-esnmode]'
line to your ipsec.conf, both daemons fall back to their default proposals
(for both IKE and IPSec). For IKE they find a match, for IPSec (in this
case ESP) however, they cannot find a matching proposal and the CHILD_SA
setup fails. The syslog tells it quite clearly: it first lists the received
proposals then the configured ones, and usually a selected one, or in your
case the error.
You will have to add a line to your ipsec.conf which tells charon which
ESP proposal to use*:
snip
conn karmaIKE2
 left=%defaultroute
 leftsubnet=10.0.2.0/24
 leftcert=lnvo.hostCert.pem
 right=192.168.4.10
 rightsubnet=0.0.0.0/0
 rightcert=peercerts/karmaY2034.hostCert.pem
 keyexchange=ikev2
+esp=aes128-sha1-modp2048!
 mobike=yes
 auto=add
snap
*preferrably on both sides.

If you ommit the exclamation mark, the default proposals for ESP will also
be included (you may not want that). Also the 'pfs = no' has no effect with
IKEv2, it's IKEv1 only. Disabling PFS for CHILD_SAS is done in IKEv2 by
ommiting the dh-group from the proposal string.
You can find all the info in the man page [1].
I am however still wondering why your initiating 4.3.2 box proposes
algorithms that are different from the default ones.
Hope this helps.

Cheeers,
Thomas

[1] http://linux.die.net/man/5/strongswan_ipsec.conf

___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Strong Swan 5.1.1 - pfse=no ignored - How can I disable PFS?

[Thomas Egerer]

On 12/09/2013 06:09 PM, Sergio Samayoa wrote:
 Hi Noel.
 
 Thanks but I already tried that way but same result.
 
 I tried:
 
 esp=3des-sha1
 esp=3des-sha1!
 esp=3des-sha1-null
 esp=3des-sha1-null!
 
 But PFS seems still enabled.
 
 Regards.
 
 
 
 
 
 2013/12/9 Noel Kuntze n...@familie-kuntze.de
 
 Hello Sergio,

 You do this by using esp=3des-sha1!.
 Note the ! At the end, telling strongswan to only send this proposal
 when negotiating phase 2.
 Also remove the pfs line, as it's deprecated.

 Regards
 Noel Kuntze



 Sergio Samayoa sergiosama...@icon.com.gt schrieb:

 Hi.

 We need to connect to Checkpoint FW with the following configuration:

 Phase 1
 Authentication Method pre-shared key
 pre-shared key *
 Encryption Scheme IKE
 Diffie-Hellman Group Group 2
 Encryption Algorithm 3DES
 Hashing Algorithm Sha-1
 Main or Aggressive Mode Main mode
 Lifetime (for renegotiation) 86400s

 Phase 2
 Encapsulation (ESP or AH) ESP
 Encryption Algorithm 3DES
 Authentication Algorithm Sha-1
 Perfect Forward Secrecy NO PFS
 Lifetime (for renegotiation) 3600s

 Our configuration file is:

 conn TMCO
 ikelifetime=86400s
 keylife=3600s
 keyexchange=ikev1
 authby=secret
 ike=3des-sha1-modp1024
 esp=3des-sha1
 left=x.x.x.x
 leftsubnet=192.168.15.0/24
 leftfirewall=yes
 leftsourceip=x.x.x.x
 right=y.y.y.y
 pfs=no

 Whe I start strongswan I get this message in the console:

 # deprecated keyword 'pfs' in conn 'TMCO'
   PFS is enabled by specifying a DH group in the 'esp' cipher suite

 Phase 1 is completed and I can see the security associations but I can't
 reach any host in the right part becase Strongswan is using PFS.

 AFAIK I'm not setting dhgroup in esp (esp=3des-sha1) but Strongswan
 insists in enabling PFS.

 How can I disable PFS?
Hi Sergio,

can you run
 stroke loglevel cfg 2

Then try to initiate the connection and look for charon's log output
snip
received proposals: [...]
configured proposals: [...]
selected proposals: [...] // - this line is most likely missing
snap
Be sure to select the proposal selection for the child configuration
you're interested in.

Cheers,
Thomas



signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Users Digest, Vol 44, Issue 24

[Thomas Egerer]

Hi,
On 09/17/2013 11:33 AM, A Lee wrote:
 Hi,
 
 Thanks for the suggestions you provided.
 
 The suggestion you provided -
 
 a) change kernel version.
 b) downgrade strongswan to 4.3.9.
 [...]
 
 I have tried b) and c) but the same error persists.
Yes, you're right, RedHat backported the patches in question.
I took a closer look at the netlink message pluto sends, but
it looks OK.
Are you sure you have esp, tunnel mode etc. configured/loaded
in your kernel?

Cheers,
Thomas

___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Netlink error Invalid Argument(22)

[Thomas Egerer]

On 09/17/2013 05:45 AM, A Lee wrote:
 Hi,
 
 Thanks for suggestion.
 
 Kernel module for sha256 is already there and also loaded.
 
 My kernel 2.6.18-128.el5
 
 Also sha2 support is there.
 
 output of 'grep sha2 /proc/crypto' is 
 
 name: sha256 driver:  sha256-generic module:   sha256
Hi,

charon request the crypto algorithm 'hmac(sha256)' (this was
changed with 4.3.6), while your kernel algorithm list for ipsec
(xfrm) provides this algorithm under the name 'sha256'.
Bottom line is, you need to
a) update your kernel to at least 2.6.19,
b) downgrade your strongswan version to 4.3.5,
c) modify your strongswan-source and rebuild like this:

diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c 
b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
index 2f8cb6b..9a1330f 100644
--- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
@@ -211,7 +211,7 @@ static kernel_algorithm_t integrity_algs[] = {
{AUTH_HMAC_SHA1_96, sha1  
},
{AUTH_HMAC_SHA1_160,hmac(sha1)},
{AUTH_HMAC_SHA2_256_96, sha256},
-   {AUTH_HMAC_SHA2_256_128,hmac(sha256)  },
+   {AUTH_HMAC_SHA2_256_128,sha256},
{AUTH_HMAC_SHA2_384_192,hmac(sha384)  },
{AUTH_HMAC_SHA2_512_256,hmac(sha512)  },
 /* {AUTH_DES_MAC,  ***   
}, */

I would not recommend b), so if you really need to stick to your
kernel-version, try option c).

Hope that helps,

Cheers,
Thomas

___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Netlink error Invalid Argument(22)

[Thomas Egerer]

On 09/16/2013 03:44 PM, A Lee wrote:
 Hi,
 
 I have been trying to setup a ikev1 tunnel with ESP and authentication
 algorithm SHA256.
 
 The IKE tunnel is being created fine. But in quick mode exchange when it
 receives the packet with Authentication algorithm as SHA256 (attribute
 value 5), this error is happening.
 
 According to strong swan documentation sha256 is supported.
 
 Can anybody help me out with this one?
 
 I am pasting portion of pluto log and also the ipsec.conf file.
 
 PLUTO-LOG
 --
 
  HASH(2) computed:
 |   af da 55 9b  5f 40 52 a8  b8 75 b3 04  67 c1 ec 1b
 |   39 bc 5c ca  96 ae c1 10  4b fe bb d1  2f ea f6 27
 | kernel_alg_esp_enc_keylen(): alg_id=3, keylen=24
 | kernel_alg_esp_auth_keylen(auth=5, sadb_aalg=5): a_keylen=32
 | KEYMAT computed:
 |   a4 85 19 78  5c a1 b7 2b  b2 f4 ce ac  fd 50 6e 12
 |   f5 dc 18 9a  ac fc 2d 38  08 da ba 4d  80 40 2e f3
 |   b8 50 7a 33  2b 96 9b 3e  6a ff c1 9a  f5 6e d1 20
 |   20 72 6e d7  7f d9 66 15
 | install_inbound_ipsec_sa() checking if we can route
 | route owner of conn1 unrouted: NULL; eroute owner: NULL
 | kernel_alg_esp_info():transid=3, auth=5, ei=0x80b7ae8, enckeylen=24,
 authkeylen=32, encryptalg=3, authalg=5
 | adding SAD entry with SPI c5ad47ee and reqid {16384}
 |   using encryption algorithm 3DES_CBC with key size 192
 |   using integrity algorithm HMAC_SHA2_256_128 with key size 256
 | sending XFRM_MSG_UPDSA: = 440 bytes @ 0xbff65fd8
0: B8 01 00 00 1A 00 05 00 CA 00 00 00 12 24 00 00  .$..
   16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
   32: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
   48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
   64: 00 00 00 00 00 00 00 00 0A 0A 0A 14 00 00 00 00  
   80: 00 00 00 00 00 00 00 00 C5 AD 47 EE 32 00 00 00  ..G.2...
   96: 0A 0A 0A 32 00 00 00 00 00 00 00 00 00 00 00 00  ...2
  112: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF  
  128: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF  
  144: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
  160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
  176: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
  192: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
  208: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
  224: 00 40 00 00 02 00 01 20 20 00 00 00 60 00 02 00  .@.  ...`...
  240: 64 65 73 33 5F 65 64 65 00 00 00 00 00 00 00 00  des3_ede
  256: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
  272: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
  288: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
  304: C0 00 00 00 A4 85 19 78 5C A1 B7 2B B2 F4 CE AC  ...x\..+
  320: FD 50 6E 12 F5 DC 18 9A AC FC 2D 38 6C 00 14 00  .Pn...-8l...
  336: 68 6D 61 63 28 73 68 61 32 35 36 29 00 00 00 00  hmac(sha256)
  352: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
  368: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
  384: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
  400: 00 01 00 00 80 00 00 00 08 DA BA 4D 80 40 2E F3  ...M.@..
  416: B8 50 7A 33 2B 96 9B 3E 6A FF C1 9A F5 6E D1 20  .Pz3+..jn.
  432: 20 72 6E D7 7F D9 66 15   rn...f.
 received netlink error: Invalid argument (22)
 unable to add SAD entry with SPI c5ad47ee
 | state transition function for STATE_QUICK_R0 had internal error
 | next event EVENT_SO_DISCARD in 0 seconds for #2
 |
 | *time to handle event
 | event after this is EVENT_SA_REPLACE in 1165 seconds
 | ICOOKIE:  85 22 00 00  85 22 00 00
 | RCOOKIE:  3b 12 6a 76  de 5f 2c 0c
 | peer:  0a 0a 0a 32
 | state hash entry 22
 | next event EVENT_SA_REPLACE in 1165 seconds for #1
 | received a XFRM_MSG_EXPIRE
 |
 
 ipsec.conf
 
 config setup
 interfaces=ipsec0=eth1
 klipsdebug=all
 uniqueids=yes
 charonstart=no
 plutodebug=all
 plutostart=yes
 plutostderrlog=/etc/pluto.log
 conn %default
   ikelifetime=20m
   keylife=10m
   rekeymargin=1m
   keyingtries=1
   forceencaps=yes
   reauth=no
   mobike=no
 conn conn1
   type=tunnel
   left=10.10.10.20
   leftid=%any
   leftsubnet=20.0.2.20/32
   right=10.10.10.50
   rightid=%any
   pfs=no
   pfsgroup=modp1024
   ike=3des-sha256-modp1024
   esp=3des-sha256-modp1024
   auto=add
   auth=esp
   authby=secret
   keyexchange=ikev1
Hi,

which kernel-version are you using (uname -v), and is there
a chance you don't have sha2 support enabled in your kernel?
Try 'grep sha2 /proc/crypto'

Cheers,
Thomas

___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Telnet over a tunnel using Local IP (rather than Public IP)

[Thomas Egerer]

 config setup
 charonstart=yes
 #nat_traversal = yes
 nat_traversal = no
 plutostart=yes
 plutodebug=all
 plutostderrlog =/var/log/pluto.log
 
 conn %default
 keyexchange=ikev1
 type=tunnel
 auth=esp
 authby=psk
 auto=start
 ikelifetime=28800
 left=xl.xl.xl.xl
 leftnexthop=%defaultroute
 
 
 conn umb
 leftsourceip=xl.xl.xl.xl
 leftsubnet=xp.xp.xp.xp/32
 right=Public IP of peer
 rightsubnet=xr.xr.xr.xr/32
 esp=3des-md5
 ike=3des-md5-modp1024
 pfs=no
 
 Please suggest.
Alright, sorry for the delay. As far as I understand, your config
is supposed to look like this:

conn %default
keyexchange=ikev1
type=tunnel
auth=esp
authby=psk
auto=start
ikelifetime=28800
left=xp.xp.xp.xp
leftnexthop=%defaultroute


conn umb
leftsubnet=xl.xl.xl.xl/32
right=Public IP of peer
rightsubnet=xr.xr.xr.xr/32
esp=3des-md5
ike=3des-md5-modp1024
pfs=no

I do not understand how your original config could ever successfully
establish a tunnel, if your firewall only accepts packets from xp.xp.xp.xp.
Your config shared your public network and used the private ip-address
as tunnel endpoint.

Cheer
Thomas

___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Telnet over a tunnel using Local IP (rather than Public IP)

[Thomas Egerer]

Hi Anupam,
 Now, when we do a telnet or ping to the remote server from the local
 server, it times out without any response. The reason is that the remote
 server’s firewall sees the request coming from the cloud server’s local
 IP (xl.xl.xl.xl) and the firewall does not allow requests from this IP.
 The firewall allows only the public IP (xp.xp.xp.xp). Since the tunnel
 is successfully established, shouldn’t the telnet or ping take the
 public IP (rather than the local IP)?
did you try
left=xp.xp.xp.xp
for the particular connection?

Regards
Thomas



signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Telnet over a tunnel using Local IP (rather than Public IP)

[Thomas Egerer]

On 12/23/2011 09:40 AM, Anupam Malhotra wrote:
 Hi Thomas
 
 I did try left=xp.xp.xp.xp. In that case, even the tunnel is not
 established. Is there anything else which I can try here?
Make sure that right on your cloud-server is xp.xp.xp.xp, too or
%any. If that doesn't do the trick, why don't you post the config
files on both of the servers and append the logs of the failed
IKE_SA-negotiation.

Cheers
Thomas



signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Telnet over a tunnel using Local IP (rather than Public IP)

[Thomas Egerer]

On 12/23/2011 11:17 AM, Anupam Malhotra wrote:
 Hi Thomas
 
 The IKE_SA-negotiation is not failing. The tunnel is coming up. Only issue
 is that the local IP is being seen at the remote end (rather than the public
 IP). 
Your output 'ip x s s' tells me, that your tunnel-endpoint on the local side
of the box running strongswan is your *local* ip-address.
 src remote IP: xr.xr.xr.xr dst local IP:xl.xl.xl.xl
 src local IP: xl.xl.xl.xl remote IP: xr.xr.xr.xr

This is only the case if your config tells strongswan to do so. If your
peer only accepts ESP packets from xp.xp.xp.xp then your tunnel-endpoint
(left in ipsec.conf) is supposed to say so. If that tunnel cannot be
created you should consult the log file. Your peer should have the
config modified appropriately.
Let us look at your ipsec.conf, maybe we can figure it out then.
Your peer is no strongswan, I assume?

Cheers,
Thomas




signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] creating certificates for windows 7

[Thomas Egerer]

On 12/20/2011 09:44 PM, Vernon Fort wrote:
 Could someone point me to a good set of documents explain how  to create
 certificates using openssl to use with a windows 7 pro VPN.
Sure:
http://www.carbonwind.net/blog/post/VPN-Reconnect-in-Windows-7-RC-redux.aspx

Thomas



signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users