[strongSwan] VPN with sophos: remote deletes child SAs

2019-03-15 Thread Michael Schwartzkopff
Hi,


we see a strange problem when trying to establish a VPN to a Sophos.
Initially strongSwan sets up the child SAs:


charon: 10[NET] received packet: from x.x.x.x[500] to y.y.y.y[500] (1902
bytes)
charon: 10[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP)
N(NATD_D_IP) N((16430)) N((16431)) N(REDIR_SUP) ]
charon: 10[IKE] x.x.x.x is initiating an IKE_SA
charon: 10[IKE] remote host is behind NAT
charon: 10[ENC] generating IKE_SA_INIT response 0 [ SA KE No
N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]
charon: 10[NET] sending packet: from y.y.y.y[500] to x.x.x.x[500] (1208
bytes)
charon: 12[NET] received packet: from x.x.x.x[24289] to y.y.y.y[4500]
(352 bytes)
charon: 12[ENC] parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr
N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
charon: 12[CFG] looking for peer configs matching 
charon: 12[CFG] selected peer config 'deleted'
charon: 12[IKE] authentication of 'remotehost' with pre-shared key
successful
charon: 12[IKE] authentication of 'y.y.y.y' (myself) with pre-shared key
charon: 12[IKE] IKE_SA profi[4] established between x.x.x.x and y.y.y.y

charon: 12[IKE] scheduling reauthentication in 10211s
charon: 12[IKE] maximum IKE_SA lifetime 10751s
charon: 12[IKE] CHILD_SA deleted{4} established with SPIs c8e82c4a_i
cb8713c3_o and TS y.y.y.y/32 === rightsubnet/24
charon: 12[ENC] generating IKE_AUTH response 1 [ IDr AUTH SA TSi TSr
N(AUTH_LFT) ]
charon: 12[NET] sending packet: from y.y.y.y[4500] to x.x.x.x[24289]
(224 bytes)


But then the remote side deletes our nice new SPIs:


charon: 14[NET] received packet: from x.x.x.x[24289] to y.y.y.y[4500]
(80 bytes)
charon: 14[ENC] parsed INFORMATIONAL request 2 [ D ]
charon: 14[IKE] received DELETE for ESP CHILD_SA with SPI cb8713c3
charon: 14[IKE] closing CHILD_SA profi{4} with SPIs c8e82c4a_i (0 bytes)
cb8713c3_o (0 bytes) and TS y.y.y.y/32 === rightsubnet/24
charon: 14[IKE] sending DELETE for ESP CHILD_SA with SPI c8e82c4a
charon: 14[IKE] CHILD_SA closed


I don't know what we misconfigured on the Sophos side. I think we
configured both subnets on their side also.


Any additional ideas?

Kind regards,

-- 

[*] sys4 AG
 
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München
 
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein




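The pattern in the log above (CHILD_SA established, then an INFORMATIONAL [ D ] from the peer naming our outbound SPI, then "closing ... (0 bytes) ... (0 bytes)") is easy to spot once by eye but not across a day of charon output. What follows is an added example, not code from the original post or from strongSwan: a small parser that turns charon CHILD_SA lines into records and flags SAs the peer tore down within a few seconds with no ESP traffic in either direction. The sample lines are constructed after the excerpt above; the HH:MM:SS prefix, the connection name `sophos`, the second CHILD_SA, and the addresses 203.0.113.9 / 198.51.100.7 / 10.0.0.0/24 are assumptions for illustration. The one protocol detail it relies on is that a DELETE lists the sender's inbound SPIs (RFC 7296), so the SPI in the peer's DELETE is the one charon prints with the `_o` suffix.

```python
"""Flag CHILD_SAs that the peer deletes right after they are established.

Added example, not code from the original post or from strongSwan.  Parses
charon log lines of the kind quoted in the thread.  Timestamps, the
connection name 'sophos', the second CHILD_SA and the addresses in the
sample are constructed for illustration.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample log (HH:MM:SS prefix added; the thread's excerpt has none).
SAMPLE_LOG = """\
00:00:01 charon: 12[IKE] CHILD_SA sophos{4} established with SPIs c8e82c4a_i cb8713c3_o and TS 198.51.100.7/32 === 10.0.0.0/24
00:00:02 charon: 14[NET] received packet: from 203.0.113.9[24289] to 198.51.100.7[4500] (80 bytes)
00:00:02 charon: 14[ENC] parsed INFORMATIONAL request 2 [ D ]
00:00:02 charon: 14[IKE] received DELETE for ESP CHILD_SA with SPI cb8713c3
00:00:02 charon: 14[IKE] closing CHILD_SA sophos{4} with SPIs c8e82c4a_i (0 bytes) cb8713c3_o (0 bytes) and TS 198.51.100.7/32 === 10.0.0.0/24
00:00:02 charon: 14[IKE] sending DELETE for ESP CHILD_SA with SPI c8e82c4a
00:00:02 charon: 14[IKE] CHILD_SA closed
00:00:10 charon: 12[IKE] CHILD_SA sophos{5} established with SPIs 0a1b2c3d_i 4e5f6071_o and TS 198.51.100.7/32 === 10.0.0.0/24
00:10:10 charon: 16[IKE] closing CHILD_SA sophos{5} with SPIs 0a1b2c3d_i (12345 bytes) 4e5f6071_o (6789 bytes) and TS 198.51.100.7/32 === 10.0.0.0/24
00:10:10 charon: 16[IKE] sending DELETE for ESP CHILD_SA with SPI 0a1b2c3d
00:10:10 charon: 16[IKE] CHILD_SA closed
"""

TIME_RE = re.compile(r"^(\d{2}):(\d{2}):(\d{2}) ")
ESTABLISHED_RE = re.compile(
    r"CHILD_SA (?P<name>\S+?)\{(?P<id>\d+)\} established with SPIs "
    r"(?P<spi_in>[0-9a-f]+)_i (?P<spi_out>[0-9a-f]+)_o")
RECV_DELETE_RE = re.compile(r"received DELETE for ESP CHILD_SA with SPI (?P<spi>[0-9a-f]+)")
CLOSING_RE = re.compile(
    r"closing CHILD_SA \S+?\{\d+\} with SPIs "
    r"(?P<spi_in>[0-9a-f]+)_i \((?P<bytes_in>\d+) bytes\) "
    r"(?P<spi_out>[0-9a-f]+)_o \((?P<bytes_out>\d+) bytes\)")


@dataclass
class ChildSA:
    name: str            # e.g. "sophos{4}": connection name plus CHILD_SA instance id
    spi_in: str          # SPI of our inbound ESP SA (charon prints it with _i)
    spi_out: str         # SPI of our outbound ESP SA (_o); this is the peer's inbound SPI
    established_at: int  # seconds since midnight, from the constructed timestamp
    closed_at: Optional[int] = None
    peer_initiated: bool = False   # True when the DELETE came from the peer
    bytes_in: int = -1
    bytes_out: int = -1

    @property
    def lifetime_s(self) -> Optional[int]:
        return None if self.closed_at is None else self.closed_at - self.established_at


def _seconds(line: str) -> int:
    m = TIME_RE.match(line)
    if m is None:
        raise ValueError(f"line without HH:MM:SS prefix: {line!r}")
    h, mi, s = (int(x) for x in m.groups())
    return h * 3600 + mi * 60 + s


def analyze(log_text: str) -> List[ChildSA]:
    """Pair every 'established' line with the DELETE/closing lines for its SPIs."""
    sas: List[ChildSA] = []
    by_out_spi: Dict[str, ChildSA] = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        t = _seconds(line)
        if (m := ESTABLISHED_RE.search(line)):
            sa = ChildSA(f"{m['name']}{{{m['id']}}}", m["spi_in"], m["spi_out"], t)
            sas.append(sa)
            by_out_spi[sa.spi_out] = sa
        elif (m := RECV_DELETE_RE.search(line)):
            # RFC 7296: a DELETE lists the sender's *inbound* SPIs, so the peer
            # names what charon shows as our outbound (_o) SPI.
            if (sa := by_out_spi.get(m["spi"])) is not None:
                sa.peer_initiated = True
        elif (m := CLOSING_RE.search(line)):
            if (sa := by_out_spi.get(m["spi_out"])) is not None:
                sa.closed_at = t
                sa.bytes_in = int(m["bytes_in"])
                sa.bytes_out = int(m["bytes_out"])
    return sas


def early_teardowns(log_text: str, max_lifetime_s: int = 30) -> List[str]:
    """Names of CHILD_SAs the peer deleted within max_lifetime_s without any ESP traffic."""
    return [sa.name for sa in analyze(log_text)
            if sa.peer_initiated and sa.lifetime_s is not None
            and sa.lifetime_s <= max_lifetime_s
            and sa.bytes_in == 0 and sa.bytes_out == 0]


if __name__ == "__main__":
    for sa in analyze(SAMPLE_LOG):
        who = "peer" if sa.peer_initiated else "local"
        print(f"{sa.name}: closed by {who} after {sa.lifetime_s}s, "
              f"{sa.bytes_in}/{sa.bytes_out} bytes in/out")
    print("suspicious:", early_teardowns(SAMPLE_LOG))
```

On a real system feed it `journalctl -u strongswan` output with the syslog prefix trimmed to the HH:MM:SS shown here; a zero-byte, peer-initiated teardown seconds after establishment points at the peer rejecting the negotiated selectors or policy after the fact rather than at a crypto mismatch, which would have failed in IKE_AUTH instead.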


Re: [strongSwan] Error connecting from Fortigate VPN to Strongswan

2019-03-15 Thread Andreas Steffen

Hi

Mar 15 00:36:12 klick001 charon:
  12[IKE] local host is behind NAT, sending keep alives
  ..
  12[ENC] generating IKE_AUTH request 1 [ IDi CERTREQ AUTH SA TSi TSr
  N(MOBIKE_SUP) N(NO_ADD_ADDR) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  12[NET] sending packet: from 10.138.0.4[4500] to 200.10.1**.***[4500]
  15[IKE] retransmit 1 of request with message ID 1
  ..

Because a NAT situation is detected, the strongSwan client floats to
the NAT-Traversal UDP port 4500 with the IKE_AUTH request (Actually
the port 4500 float always occurs because of the IKEv2 MOBIKE protocol).

But no response is received from the Fortigate gateway. You should check
the Fortigate log whether the IKE_AUTH request is actually received and
if yes if an error is produced.

Regards

Andreas

On 15.03.2019 12:09, MOSES KARIUKI wrote:

Any other suggestion on this issue?

Thanks


Re: [strongSwan] Error connecting from Fortigate VPN to Strongswan

2019-03-15 Thread MOSES KARIUKI
Any other suggestion on this issue?

Thanks


Re: [strongSwan] Error connecting from Fortigate VPN to Strongswan

2019-03-15 Thread MOSES KARIUKI
Thanks Chris.

The client says that the port is open. I will change the Ciphers. Thanks

On Fri, Mar 15, 2019 at 4:40 AM Chris Sherry wrote:

> The first thing to check is 200.10.1.X is allowing UDP/4500 inbound. That
> being said, you should really rethink your ciphers, 3DES/SHA1 shouldn't be
> a thing anymore.
>
> Chris.
>
> On Thu, Mar 14, 2019 at 4:57 PM MOSES KARIUKI wrote:
>
>> Dear Team,
>>
>> I have not been able to connect from a Fortigate firewall client to my
>> strongSwan host. These are the parameters set up on the Fortigate:
>>
>>   Authentication Method              Pre-Shared Secret
>>   Encryption Schema                  IKE
>>   Perfect Forward Secrecy - IKE      DH Group 5
>>   Encryption Algorithm               3DES
>>   Hashing Algorithm                  SHA1
>>   Renegotiate IKE SA every           28800
>>   Main or Aggressive Mode            Main
>>   IPSec                              ESP
>>   Perfect Forward Secrecy - IPSec    DH Group 2
>>   Encryption Algorithm IPSec         3DES
>>   Hashing Algorithm IPSec            SHA1
>>   Renegotiate IPSec SA every         1800
>>
>> and below is my strongSwan config.
>>
>> conn ikev2-Teledida
>> auto=start
>> compress=no
>> type=tunnel
>> keyexchange=ikev2
>> fragmentation=yes
>> forceencaps=yes
>> dpdaction=clear
>> dpddelay=300s
>> rekey=no
>> left=%any
>> leftid=35.185.2**.***
>> leftsubnet=0.0.0.0/0
>> right=200.10.1**.***
>> rightid=%any
>> rightauth=psk
>> rightsourceip=10.11.10.0/9
>> rightdns=8.8.8.8,8.8.4.4
>>
>> ike=aes256-sha1-modp1024,aes128-sha1-modp1024,aes256-sha256-modp2048,aes128-sha256-modp2048,aes256-sha1-modp2048,aes128-sha1-modp2048,3des-sha1-modp1536,3des-sha1-modp1024
>>
>> esp=aes256-sha256,aes256-sha1,aes256-sha256-modp2048,aes128-sha256-modp2048,aes256-sha1-modp2048,aes128-sha1-modp2048,3des-sha1-modp1024,3des-sha1-modp1536
>>
>> When I try to connect, it fails with the below error:
>> LOG :
>> Mar 15 00:36:12 klick001 charon: 07[CFG] received stroke: add connection
>> 'ikev2-Teledida'
>> Mar 15 00:36:12 klick001 charon: 07[CFG] conn ikev2-Teledida
>> Mar 15 00:36:12 klick001 charon: 07[CFG]   left=%any
>> Mar 15 00:36:12 klick001 charon: 07[CFG]   leftsubnet=0.0.0.0/0
>> Mar 15 00:36:12 klick001 charon: 07[CFG]   leftid=35.185.2**.***
>> Mar 15 00:36:12 klick001 charon: 07[CFG]   right=200.10.1**.***
>> Mar 15 00:36:12 klick001 charon: 07[CFG]   rightsourceip=10.11.10.0/9
>> Mar 15 00:36:12 klick001 charon: 07[CFG]   rightdns=8.8.8.8,8.8.4.4
>> Mar 15 00:36:12 klick001 charon: 07[CFG]   rightauth=psk
>> Mar 15 00:36:12 klick001 charon: 07[CFG]   rightid=%any
>> Mar 15 00:36:12 klick001 charon: 07[CFG]
>>  
>> ike=aes256-sha1-modp1024,aes128-sha1-modp1024,aes256-sha256-modp2048,aes128-sha256-modp2048,aes256-sha1-modp2048,aes128-sha1-modp2048,3des-sha1-modp1536,3des-sha1-modp1024
>> Mar 15 00:36:12 klick001 charon: 07[CFG]
>>  
>> esp=aes256-sha256,aes256-sha1,aes256-sha256-modp2048,aes128-sha256-modp2048,aes256-sha1-modp2048,aes128-sha1-modp2048,3des-sha1-modp1024,3des-sha1-modp1536
>> Mar 15 00:36:12 klick001 charon: 07[CFG]   dpddelay=300
>> Mar 15 00:36:12 klick001 charon: 07[CFG]   dpdtimeout=150
>> Mar 15 00:36:12 klick001 charon: 07[CFG]   dpdaction=1
>> Mar 15 00:36:12 klick001 charon: 07[CFG]   sha256_96=no
>> Mar 15 00:36:12 klick001 charon: 07[CFG]   mediation=no
>> Mar 15 00:36:12 klick001 charon: 07[CFG]   keyexchange=ikev2
>> Mar 15 00:36:12 klick001 charon: 07[CFG] adding virtual IP address pool
>> 10.11.10.0/9
>> Mar 15 00:36:12 klick001 charon: 07[CFG] added configuration
>> 'ikev2-Teledida'
>> Mar 15 00:36:12 klick001 charon: 09[CFG] received stroke: initiate
>> 'ikev2-Teledida'
>> Mar 15 00:36:12 klick001 charon: 09[IKE] initiating IKE_SA
>> ikev2-Teledida[1] to 200.10.1**.***
>> Mar 15 00:36:12 klick001 charon: 09[CFG] configured proposals:
>> IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024,
>> IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024,
>> IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048,
>> IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048,
>> IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048,
>> IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048,
>> IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536,
>> IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024,
>> IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/3DES_CBC/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/AES_XCBC_96/AES_CMAC_96/HMAC_SHA1_96/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/NTRU_128/NTRU_192/NTRU_256/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048,
>> IKE:AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/CHACHA20_POLY1305_256/CAMELLIA_CCM_16_128/CAMELLIA_CCM_16_192/CAMELLIA_CCM_16_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_GCM_8_128/AES_
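Chris's advice to rethink the ciphers and the question of whether the two sides can agree on a proposal at all are easier to settle mechanically than by reading the `ike=`/`esp=` lines and the Fortigate screen side by side. The following is an added example, not code from the thread, from strongSwan or from Fortinet: it parses the strongSwan proposal strings quoted above into (encryption, integrity, DH group) tuples, expresses the Fortigate phase 1 and phase 2 settings in the same form, lists what both sides can accept, and flags the legacy algorithms. The DH group number to keyword mapping follows the IANA registry / RFC 3526; the "weak" list is this example's own judgement, not a strongSwan setting; and the exact-match rule on three components is a simplification of IKEv2 negotiation (which also covers PRF, key length and AEAD).

```python
"""Check strongSwan ike=/esp= proposals against a peer's settings.

Added example, not code from the thread, from strongSwan or from Fortinet.
Parses proposal strings into (enc, integ, dh) tuples, maps the Fortigate
phase settings onto the same shape and reports the intersection plus any
legacy algorithms.  The WEAK table is editorial judgement.
"""
from typing import List, Optional, Tuple

# (encryption, integrity, DH group); AEAD has no integrity, ESP without PFS no DH
Proposal = Tuple[str, Optional[str], Optional[str]]

# The two lines from the posted ipsec.conf
IKE_PROPOSALS = ("aes256-sha1-modp1024,aes128-sha1-modp1024,aes256-sha256-modp2048,"
                 "aes128-sha256-modp2048,aes256-sha1-modp2048,aes128-sha1-modp2048,"
                 "3des-sha1-modp1536,3des-sha1-modp1024")
ESP_PROPOSALS = ("aes256-sha256,aes256-sha1,aes256-sha256-modp2048,aes128-sha256-modp2048,"
                 "aes256-sha1-modp2048,aes128-sha1-modp2048,3des-sha1-modp1024,3des-sha1-modp1536")

# IANA DH group numbers (as the Fortigate GUI lists them) to strongSwan keywords
DH_GROUPS = {1: "modp768", 2: "modp1024", 5: "modp1536", 14: "modp2048",
             15: "modp3072", 16: "modp4096", 19: "ecp256", 20: "ecp384", 21: "ecp521"}

ENC = {"3des", "aes128", "aes192", "aes256", "aes128gcm16", "aes256gcm16", "chacha20poly1305"}
INTEG = {"md5", "sha1", "sha256", "sha384", "sha512"}
DH = set(DH_GROUPS.values()) | {"modp6144", "modp8192", "x25519"}

# Editorial list of algorithms that should not appear in a new tunnel
WEAK = {
    "3des":     "64-bit block cipher (Sweet32 class)",
    "md5":      "MD5 integrity",
    "sha1":     "SHA-1 integrity",
    "modp768":  "768-bit MODP group",
    "modp1024": "1024-bit MODP group (Logjam class)",
    "modp1536": "1536-bit MODP group, below the 2048-bit floor",
}


def parse_proposal(text: str) -> Proposal:
    """One strongSwan proposal such as 'aes256-sha1-modp1024' -> tuple."""
    enc = integ = dh = None
    for tok in text.strip().lower().split("-"):
        if tok in ENC:
            enc = tok
        elif tok in INTEG:
            integ = tok
        elif tok in DH:
            dh = tok
        else:
            raise ValueError(f"unknown token {tok!r} in proposal {text!r}")
    if enc is None:
        raise ValueError(f"no encryption algorithm in {text!r}")
    return (enc, integ, dh)


def parse_proposals(spec: str) -> List[Proposal]:
    """Split an ike=/esp= value; a trailing '!' (strict mode) is ignored."""
    return [parse_proposal(p) for p in spec.strip().rstrip("!").split(",") if p.strip()]


def fortigate_proposal(encryption: str, hashing: str, dh_group: int) -> Proposal:
    """Phase settings as shown in the Fortigate GUI -> strongSwan-style tuple."""
    return (encryption.lower().replace("-", ""), hashing.lower(), DH_GROUPS[dh_group])


def negotiable(local: List[Proposal], remote: List[Proposal]) -> List[Proposal]:
    """Proposals both sides accept, in local preference order (exact match on all three)."""
    return [p for p in local if p in remote]


def weak_algorithms(p: Proposal) -> List[str]:
    """Sorted keywords of the proposal that appear in the WEAK table."""
    return sorted(tok for tok in p if tok is not None and tok in WEAK)


if __name__ == "__main__":
    ike_local = parse_proposals(IKE_PROPOSALS)
    esp_local = parse_proposals(ESP_PROPOSALS)
    fg_ike = fortigate_proposal("3DES", "SHA1", 5)   # phase 1 as listed in the thread
    fg_esp = fortigate_proposal("3DES", "SHA1", 2)   # phase 2 with PFS group 2
    ike_ok, esp_ok = negotiable(ike_local, [fg_ike]), negotiable(esp_local, [fg_esp])
    print("IKE agreement:", ike_ok)
    print("ESP agreement:", esp_ok)
    for p in ike_ok + esp_ok:
        for tok in weak_algorithms(p):
            print(f"  {p}: {tok}: {WEAK[tok]}")
```

Compare the result with what charon prints after "configured proposals:" and "received proposals:" in its log; if the intersection here is empty the gateway will answer IKE_AUTH with NO_PROPOSAL_CHOSEN, whereas getting no answer at all, as in this thread, is a transport or policy problem rather than a cipher mismatch.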