[strongSwan] question regarding multiple CA certificates
Hi, I am wondering how strongswan deals with multiple CA certificates. I ran into a problem that strongswan does not allow more than 20 CA certs with the following message: May 19 09:27:54 16[ENC] payload of type CERTREQ_V1 more than 20 times (21) occurred in current message I see in the log file with entries like the following for each CA cert in the ipsec.d/cacerts directory. May 19 09:56:41 05[ENC] added payload of type CERTIFICATE_REQUEST_V1 to message May 19 09:56:41 05[IKE] sending cert request for C=US, O=XXX, OU= IPSec Tests, CN=test 2 26 v4 CA By looking at code and comments in build_certreqs it looks like it is possible to avoid sending all trusted CA certificates if a specific CA for the peer is found. /* check if we require a specific CA for that peer */ peer_cfg = this-ike_sa-get_peer_cfg(this-ike_sa); if (peer_cfg) { enumerator = peer_cfg-create_auth_cfg_enumerator(peer_cfg, FALSE); if (enumerator-enumerate(enumerator, auth)) { add_certreqs(this, auth, message); } enumerator-destroy(enumerator); } if (!message-get_payload(message, CERTIFICATE_REQUEST_V1)) { /* otherwise add all trusted CA certificates */ enumerator = lib-credmgr-create_cert_enumerator(lib-credmgr, CERT_ANY, KEY_ANY, +NULL, TRUE); while (enumerator-enumerate(enumerator, cert)) { add_certreq(this, message, cert); } enumerator-destroy(enumerator); } However, I don't know how to code the config file to cause strongswan to send only the specific CA. From the debugging it seems like peer_cfg is NULL in the config example I have below. Can someone give me an example of how to avoid sending all CAs. Thanks! conn conn_10_ike2_83 left=10.2.10.122 leftcert=test_2.10_cert_ipv4.der leftca=C=US, O=XXX, OU=IPSec Tests, CN=test 2 10 v4 CA right=10.2.10.83 rightid=10.2.10.83 rightca=C=US, O=XXX, OU= IPSec Tests, CN=test 2 10 v4 CA esp=aes256-sha512-ecp521! ike=aes256-sha512-ecp521! keyexchange=ikev2 marginbytes=340 ikelifetime=30m lifetime=10m lifebytes=6800 conn conn_14_ike1_122 left=10.1.14.83 leftcert=test_1.14_cert_ipv4.der leftca=C=US, O=Stratus Tech, OU=VOS IPSec Tests, CN=test 1 14 v4 CA right=10.1.14.122 rightid=10.1.14.122 rightca=C=US, O=Stratus Tech, OU=VOS IPSec Tests, CN=test 1 14 v4 CA esp=aes128-sha256-modp2048! ike=aes128-sha256-modp2048! keyexchange=ikev1 marginbytes=340 ikelifetime=24h lifetime=24h ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] ipv6 connection not working
Hi Noel, Sorry I sent the wrong log information. It turned out the problem that I had was related to issue #595. Once the passthru policy is added for icmpv6 codes 135/136 are added everything works. Thanks for your response. Bettina -Original Message- From: Noel Kuntze [mailto:n...@familie-kuntze.de] Sent: Saturday, May 16, 2015 2:23 AM To: Ko, HsuenJu; 'users@lists.strongswan.org' Subject: Re: [strongSwan] ipv6 connection not working -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello Bettina, That sending_message is for a different IKE SA. Your configuration uses IPv6, but the log shows an IPv4 packet. The packet is also sent 5 minutes after Main Mode gets initiated. Mit freundlichen Grüßen/Kind Regards, Noel Kuntze GPG Key ID: 0x63EC6658 Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 Am 15.05.2015 um 14:37 schrieb Ko, HsuenJu: Hi, I am testing ipv6 connection using ikev1 and it appears ike exchange packet was not seen by tcpdump. Here is the information. Here is the version that I am using. Linux strongSwan U5.2.0/K2.6.32-504.el6.x86_64 Here is the config. conn conn_14_ike1_ipv6_122 left=fcc1:e::53 leftcert=test_1.14_cert_ipv6.der leftca=%same right=fcc1:e::7a rightid=fcc1:e::7a rightca=*C=US, O=XXX, OU=VOS IPSec Tests, CN=test 1 14 v6 CA* esp=aes128-sha256-modp2048! ike=aes128-sha256-modp2048! keyexchange=ikev1 marginbytes=340 ikelifetime=24h lifetime=24h And here are some information from the log. May 15 06:44:24 15[KNL] creating acquire job for policy fcc1:e::53/128[udp/41615] === fcc1:e::7a/128[udp/blackjack] with reqid {8} … May 15 06:44:24 14[IKE] initiating Main Mode IKE_SA conn_14_ike1_ipv6_122[1] to fcc1:e::7a May 15 06:44:24 14[IKE] IKE_SA conn_14_ike1_ipv6_122[1] state change: CREATED = CONNECTING May 15 06:44:24 14[CFG] configured proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048 … May 15 06:49:46 16[NET] sending packet: from 10.1.14.83[500] to 10.1.14.122[500] (160 bytes) May 15 06:49:46 07[NET] sending packet: from 10.1.14.83[500] to 10.1.14.122[500] However, I never see this packet with tcpdump. If I used ipv4 address instead, I can see the tcpdump showing that UDP packets. I saw issue #860 with acquire job message. But that issue seems only apply to ikev2. Can someone explain what might be wrong? Thanks! Bettina ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJVVuJXAAoJEDg5KY9j7GZYHNIP/AzwOqtIj7weBlzsOKA4nv99 lkGbmVxe4bsKsRZBRXrqxkCrjgKGHZKV40VzMH9msP4RPYjOBPuD6G36O6Zhgtwt rvhDnPZthbk3Uan5HrH3omh2Qq2VwBtOQQ5+iSJ2Z7XFXNk5eZ1ETjXTrHWtXbYB /Ssw9uKzRHRRnojX00/kb/R4aqlIJHe4rjyy9XUN1OQm3JJXU8YxN0txoTk7E3gw r6yNxhkp3mrjvjRrqGyrUnHQG8Y4CQTzMMYJjTXMTQVKu5dHn67Y6rgZMMyD/5BS lfwRY/pOc9XZXZixiBocbAKYInu7Xnjtkf5M/ghHxkGQvnHXsixFD64nee7+/2OS aKBk9F/A/h1IAYDwA0ZQxpndVi3KQfrHCJHDxUH+7IostYKitfRgxE9pbOcLB44Z fqrW77lwLk8PKys0kxQVMXTkNSuiCpCMkmytawZcKbZuJQ8a4bANRRY70KPOW85U VX1xImjMkYMunmXDt8LTa2DTXJFADDqmIho5MXYeoP91WuK3yDiuBD3fPoJLUUex JCvVRapFAYyVexHeVth/kA3iGlAuMDgBrZ3xJBuANpv7uCob9aQl2dW4B7U/kxOh UPSRaoG5sLBEhe9Q6iKCmCe8FD99nO8e4vDxQeuRmwDaJH9ex9WHUhWHeRzAUuI5 pLn2b0Dqfg1l/oGV8vLh =aQss -END PGP SIGNATURE- ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
[strongSwan] ipv6 connection not working
Hi, I am testing ipv6 connection using ikev1 and it appears ike exchange packet was not seen by tcpdump. Here is the information. Here is the version that I am using. Linux strongSwan U5.2.0/K2.6.32-504.el6.x86_64 Here is the config. conn conn_14_ike1_ipv6_122 left=fcc1:e::53 leftcert=test_1.14_cert_ipv6.der leftca=%same right=fcc1:e::7a rightid=fcc1:e::7a rightca=C=US, O=XXX, OU=VOS IPSec Tests, CN=test 1 14 v6 CA esp=aes128-sha256-modp2048! ike=aes128-sha256-modp2048! keyexchange=ikev1 marginbytes=340 ikelifetime=24h lifetime=24h And here are some information from the log. May 15 06:44:24 15[KNL] creating acquire job for policy fcc1:e::53/128[udp/41615] === fcc1:e::7a/128[udp/blackjack] with reqid {8} ... May 15 06:44:24 14[IKE] initiating Main Mode IKE_SA conn_14_ike1_ipv6_122[1] to fcc1:e::7a May 15 06:44:24 14[IKE] IKE_SA conn_14_ike1_ipv6_122[1] state change: CREATED = CONNECTING May 15 06:44:24 14[CFG] configured proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048 ... May 15 06:49:46 16[NET] sending packet: from 10.1.14.83[500] to 10.1.14.122[500] (160 bytes) May 15 06:49:46 07[NET] sending packet: from 10.1.14.83[500] to 10.1.14.122[500] However, I never see this packet with tcpdump. If I used ipv4 address instead, I can see the tcpdump showing that UDP packets. I saw issue #860 with acquire job message. But that issue seems only apply to ikev2. Can someone explain what might be wrong? Thanks! Bettina ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] failure with ike using sha2
Hi Andreas, Noel suggested me to rearrange the order of plugins being loaded and it worked if I loaded hmac plugin before opensssl plugin. Please let me know if there is a fix for openssl since changing the load order of plugin is not recommended. Thanks! Bettina To answer your question, I was able to load sha2 plugin successfully. In the log it shows the following. Mar 27 10:15:30 00[LIB] loading feature PRF:PRF_HMAC_SHA2_256 in plugin 'openssl' Mar 27 10:15:30 00[LIB] loading feature PRF:PRF_HMAC_SHA2_384 in plugin 'openssl' Mar 27 10:15:30 00[LIB] loading feature PRF:PRF_HMAC_SHA2_512 in plugin 'openssl' Here is the information from ipsec statusall that I sent earlier. List of registered IKE algorithms: encryption: DES_CBC[des] 3DES_CBC[des] IDEA_CBC[openssl] CAST_CBC[openssl] BLOWFISH_CBC[openssl] NULL[openssl] AES_CBC[aes] CAMELLIA_CBC[openssl] DES_ECB[des] RC2_CBC[rc2] integrity: HMAC_MD5_96[openssl] HMAC_SHA1_96[openssl] AES_XCBC_96[xcbc] HMAC_MD5_128[openssl] HMAC_SHA1_160[openssl] AES_CMAC_96[cmac] HMAC_SHA2_256_128[openssl] HMAC_SHA2_384_192[openssl] HMAC_SHA2_512_256[openssl] HMAC_SHA1_128[openssl] HMAC_SHA2_256_256[openssl] HMAC_SHA2_384_384[openssl] HMAC_SHA2_512_512[openssl] CAMELLIA_XCBC_96[xcbc] aead: AES_GCM_8[openssl] AES_GCM_12[openssl] AES_GCM_16[openssl] hasher: HASH_MD4[openssl] HASH_MD5[md5] HASH_SHA1[sha1] HASH_SHA224[sha2] HASH_SHA256[sha2] HASH_SHA384[sha2] HASH_SHA512[sha2] prf:PRF_HMAC_MD5[openssl] PRF_HMAC_SHA1[openssl] PRF_AES128_XCBC[xcbc] PRF_HMAC_SHA2_256[openssl] PRF_HMAC_SHA2_384[openssl] PRF_HMAC_SHA2_512[openssl] PRF_AES128_CMAC[cmac] PRF_FIPS_SHA1_160[fips-prf] PRF_KEYED_SHA1[sha1] PRF_CAMELLIA128_XCBC[xcbc] dh-group: MODP_768[openssl] MODP_1024[openssl] MODP_1536[openssl] MODP_2048[openssl] MODP_3072[openssl] MODP_4096[openssl] MODP_6144[openssl] MODP_8192[openssl] ECP_256[openssl] ECP_384[openssl] ECP_521[openssl] MODP_1024_160[openssl] MODP_2048_224[openssl] MODP_2048_256[openssl] ECP_192[openssl] ECP_224[openssl] ECP_224_BP[openssl] ECP_256_BP[openssl] ECP_384_BP[openssl] ECP_512_BP[openssl] MODP_CUSTOM[openssl] random-gen: RNG_WEAK[openssl] RNG_STRONG[random] RNG_TRUE[random] nonce-gen: [nonce] -Original Message- From: Andreas Steffen [mailto:andreas.stef...@strongswan.org] Sent: Friday, March 27, 2015 5:01 PM To: Ko, HsuenJu; users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 Hi Bettina, are you sure that you loaded the sha2 plugin because the HMAC-SHA2 algorithms for the prf_plus seem to fail. ipsec statusall should list the sha2 plugin. Regards Andreas On 03/27/2015 04:05 PM, Ko, HsuenJu wrote: Hi , I got error of key derivation failed when I configured ike using sha2. I don't have problem with md5 or sha1. And I am using strongswan 5.1.1. Here is the corresponding log. Can someone tell me what I did wrong or is this a bug? Thanks! Bettina ike=aes128-sha256-modp2048! Mar 27 10:15:41 11[IKE] SKEYSEED = 32 bytes @ 0x41c89760 Mar 27 10:15:41 11[IKE]0: 40 06 D6 2C 40 06 D8 24 40 F5 00 20 41 C7 BB 20 @..,@..$@.. A.. Mar 27 10:15:41 11[IKE] 16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Mar 27 10:15:41 11[IKE] key derivation failed ike=aes128-sha384-modp2048! Mar 27 10:46:03 09[IKE] SKEYSEED = 48 bytes @ 0x41c8bf70 Mar 27 10:46:03 09[IKE]0: 43 36 20 31 35 20 31 34 20 30 42 20 38 38 20 36 C6 15 14 0B 88 6 Mar 27 10:46:03 09[IKE] 16: 46 20 43 38 20 38 45 20 35 34 20 42 44 20 38 42 F C8 8E 54 BD 8B Mar 27 10:46:03 09[IKE] 32: 20 31 46 20 32 38 20 36 44 20 33 41 20 20 2E 2E 1F 28 6D 3A .. Mar 27 10:46:03 09[IKE] key derivation failed ike=aes128-sha512-modp2048! Mar 27 10:48:17 09[IKE] SKEYSEED = 64 bytes @ 0x41c8bf70 Mar 27 10:48:17 09[IKE]0: 31 45 20 38 33 20 31 33 20 38 39 20 31 36 20 34 1E 83 13 89 16 4 Mar 27 10:48:17 09[IKE] 16: 36 20 35 32 20 32 30 20 39 34 20 31 43 20 44 36 6 52 20 94 1C D6 Mar 27 10:48:17 09[IKE] 32: 20 38 39 20 37 38 20 42 43 20 39 41 20 20 69 2E 89 78 BC 9A i. Mar 27 10:48:17 09[IKE] 48: 2E 2E 2E 2E 46 52 20 2E 2E 2E 2E 78 2E 2E 0A 20 FR x... Mar 27 10:48:17 09[IKE] key derivation failed ___ Users mailing list Users@lists.strongswan.orgmailto:Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users -- == Andreas Steffen andreas.stef...@strongswan.orgmailto:andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.orghttp://www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH
Re: [strongSwan] failure with ike using sha2
Hi Martin, I was wondering about that when I saw other mails about this and I checked our openssl and I believe we are using Openssl 1.0.1j. Thanks for your help! Bettina -Original Message- From: Martin Willi [mailto:mar...@strongswan.org] Sent: Monday, March 30, 2015 8:19 AM To: Ko, HsuenJu Cc: users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 Please let me know if there is a fix for openssl since changing the load order of plugin is not recommended. If you are using OpenSSL 1.0.2a, you might try the strongSwan fix provided at [1]. Regards Martin [1]http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=openssl-hmac ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
[strongSwan] failure with ike using sha2
Hi , I got error of key derivation failed when I configured ike using sha2. I don't have problem with md5 or sha1. And I am using strongswan 5.1.1. Here is the corresponding log. Can someone tell me what I did wrong or is this a bug? Thanks! Bettina ike=aes128-sha256-modp2048! Mar 27 10:15:41 11[IKE] SKEYSEED = 32 bytes @ 0x41c89760 Mar 27 10:15:41 11[IKE]0: 40 06 D6 2C 40 06 D8 24 40 F5 00 20 41 C7 BB 20 @..,@..$@.. A.. Mar 27 10:15:41 11[IKE] 16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Mar 27 10:15:41 11[IKE] key derivation failed ike=aes128-sha384-modp2048! Mar 27 10:46:03 09[IKE] SKEYSEED = 48 bytes @ 0x41c8bf70 Mar 27 10:46:03 09[IKE]0: 43 36 20 31 35 20 31 34 20 30 42 20 38 38 20 36 C6 15 14 0B 88 6 Mar 27 10:46:03 09[IKE] 16: 46 20 43 38 20 38 45 20 35 34 20 42 44 20 38 42 F C8 8E 54 BD 8B Mar 27 10:46:03 09[IKE] 32: 20 31 46 20 32 38 20 36 44 20 33 41 20 20 2E 2E 1F 28 6D 3A .. Mar 27 10:46:03 09[IKE] key derivation failed ike=aes128-sha512-modp2048! Mar 27 10:48:17 09[IKE] SKEYSEED = 64 bytes @ 0x41c8bf70 Mar 27 10:48:17 09[IKE]0: 31 45 20 38 33 20 31 33 20 38 39 20 31 36 20 34 1E 83 13 89 16 4 Mar 27 10:48:17 09[IKE] 16: 36 20 35 32 20 32 30 20 39 34 20 31 43 20 44 36 6 52 20 94 1C D6 Mar 27 10:48:17 09[IKE] 32: 20 38 39 20 37 38 20 42 43 20 39 41 20 20 69 2E 89 78 BC 9A i. Mar 27 10:48:17 09[IKE] 48: 2E 2E 2E 2E 46 52 20 2E 2E 2E 2E 78 2E 2E 0A 20 FR x... Mar 27 10:48:17 09[IKE] key derivation failed ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] failure with ike using sha2
Hi Noel, Thank you for the help. I will give it a try. Bettina -Original Message- From: Noel Kuntze [mailto:n...@familie-kuntze.de] Sent: Friday, March 27, 2015 12:36 PM To: Ko, HsuenJu; users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello Bettina, Yes, try loading the hmac plugin first. To change the load order of the plugins, you need to set charon.load in strongswan.conf to the list of plugins you want to load. As a starting point for the list, you can take the loaded plugins list in the output of ipsec statusall. For the syntax of the file, look at the man page for strongswan.conf Mit freundlichen Grüßen/Kind Regards, Noel Kuntze GPG Key ID: 0x63EC6658 Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 Am 27.03.2015 um 16:33 schrieb Ko, HsuenJu: Hi Noel, Here is some output from ipsec statusall. Status of IKE charon daemon (strongSwan 5.1.1, VOS OpenVOS Release 18.0.0af, i786): ... loaded plugins: charon aes des rc2 sha1 sha2 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey pem openssl fips-prf xcbc cmac hmac attr kernel-pfkey kernel-pfroute resolve socket-default stroke updown xauth-generic Here is some output from ipsec listall. List of registered IKE algorithms: encryption: DES_CBC[des] 3DES_CBC[des] IDEA_CBC[openssl] CAST_CBC[openssl] BLOWFISH_CBC[openssl] NULL[openssl] AES_CBC[aes] CAMELLIA_CBC[openssl] DES_ECB[des] RC2_CBC[rc2] integrity: HMAC_MD5_96[openssl] HMAC_SHA1_96[openssl] AES_XCBC_96[xcbc] HMAC_MD5_128[openssl] HMAC_SHA1_160[openssl] AES_CMAC_96[cmac] HMAC_SHA2_256_128[openssl] HMAC_SHA2_384_192[openssl] HMAC_SHA2_512_256[openssl] HMAC_SHA1_128[openssl] HMAC_SHA2_256_256[openssl] HMAC_SHA2_384_384[openssl] HMAC_SHA2_512_512[openssl] CAMELLIA_XCBC_96[xcbc] aead: AES_GCM_8[openssl] AES_GCM_12[openssl] AES_GCM_16[openssl] hasher: HASH_MD4[openssl] HASH_MD5[md5] HASH_SHA1[sha1] HASH_SHA224[sha2] HASH_SHA256[sha2] HASH_SHA384[sha2] HASH_SHA512[sha2] prf:PRF_HMAC_MD5[openssl] PRF_HMAC_SHA1[openssl] PRF_AES128_XCBC[xcbc] PRF_HMAC_SHA2_256[openssl] PRF_HMAC_SHA2_384[openssl] PRF_HMAC_SHA2_512[openssl]PRF_AES128_CMAC[cmac] PRF_FIPS_SHA1_160[fips-prf] PRF_KEYED_SHA1[sha1] PRF_CAMELLIA128_XCBC[xcbc] dh-group: MODP_768[openssl] MODP_1024[openssl] MODP_1536[openssl] MODP_2048[openssl] MODP_3072[openssl] MODP_4096[openssl] MODP_6144[openssl] MODP_8192[openssl] ECP_256[openssl] ECP_384[openssl] ECP_521[openssl] MODP_1024_160[openssl] MODP_2048_224[openssl] MODP_2048_256[openssl] ECP_192[openssl] ECP_224[openssl] ECP_224_BP[openssl] ECP_256_BP[openssl] ECP_384_BP[openssl] ECP_512_BP[openssl] MODP_CUSTOM[openssl] random-gen: RNG_WEAK[openssl] RNG_STRONG[random] RNG_TRUE[random] nonce-gen: [nonce] Here is just very simple connection. conn test_14 left=10.2.14.122 leftauth=pubkey leftcert=test_2.14_cert_ipv4.der right=10.2.14.120 esp=aes128-sha256-modp2048! ike=aes128-sha512-modp2048! keyingtries=8 rightauth=pubkey It looks like both openssl and hmac supports that. Should I try load hmac first? How do I change that order? Thanks! Bettina -Original Message- From: Noel Kuntze [mailto:n...@familie-kuntze.de] Sent: Friday, March 27, 2015 11:19 AM To: Ko, HsuenJu; users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 Hello Bettina, First, you have to find out what plugin currently provides those algorithms. Do that by examining the list of loaded plugins in the output of ipsec statusall. On my box, sha1 and sha2 can be either supplied by the af-alg, hmac or openssl plugin. The plugin which is loaded first supplies them. To make your life easier, I advise to post the list of loaded plugins here, so we can look at it and help you. Furthermore, please state what version of strongswan you are using and what the content of your strongswan.conf is. Mit freundlichen Grüßen/Regards, Noel Kuntze Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 Am 27.03.2015 um 16:12 schrieb Ko, HsuenJu: Hi, Thanks for the information. How do I find out which plugin to try? Bettina -Original Message- From: users-boun...@lists.strongswan.org mailto:users-boun...@lists.strongswan.org [mailto:users-boun...@lists.strongswan.org] On Behalf Of Noel Kuntze Sent: Friday, March 27, 2015 11:12 AM To: users@lists.strongswan.org mailto:users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 Hello, That sounds like the plugin that provides those algorithms is broken. You can try to work around that by making charon load
Re: [strongSwan] failure with ike using sha2
Hi Noel, Here is some output from ipsec statusall. Status of IKE charon daemon (strongSwan 5.1.1, VOS OpenVOS Release 18.0.0af, i786): ... loaded plugins: charon aes des rc2 sha1 sha2 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey pem openssl fips-prf xcbc cmac hmac attr kernel-pfkey kernel-pfroute resolve socket-default stroke updown xauth-generic Here is some output from ipsec listall. List of registered IKE algorithms: encryption: DES_CBC[des] 3DES_CBC[des] IDEA_CBC[openssl] CAST_CBC[openssl] BLOWFISH_CBC[openssl] NULL[openssl] AES_CBC[aes] CAMELLIA_CBC[openssl] DES_ECB[des] RC2_CBC[rc2] integrity: HMAC_MD5_96[openssl] HMAC_SHA1_96[openssl] AES_XCBC_96[xcbc] HMAC_MD5_128[openssl] HMAC_SHA1_160[openssl] AES_CMAC_96[cmac] HMAC_SHA2_256_128[openssl] HMAC_SHA2_384_192[openssl] HMAC_SHA2_512_256[openssl] HMAC_SHA1_128[openssl] HMAC_SHA2_256_256[openssl] HMAC_SHA2_384_384[openssl] HMAC_SHA2_512_512[openssl] CAMELLIA_XCBC_96[xcbc] aead: AES_GCM_8[openssl] AES_GCM_12[openssl] AES_GCM_16[openssl] hasher: HASH_MD4[openssl] HASH_MD5[md5] HASH_SHA1[sha1] HASH_SHA224[sha2] HASH_SHA256[sha2] HASH_SHA384[sha2] HASH_SHA512[sha2] prf:PRF_HMAC_MD5[openssl] PRF_HMAC_SHA1[openssl] PRF_AES128_XCBC[xcbc] PRF_HMAC_SHA2_256[openssl] PRF_HMAC_SHA2_384[openssl] PRF_HMAC_SHA2_512[openssl] PRF_AES128_CMAC[cmac] PRF_FIPS_SHA1_160[fips-prf] PRF_KEYED_SHA1[sha1] PRF_CAMELLIA128_XCBC[xcbc] dh-group: MODP_768[openssl] MODP_1024[openssl] MODP_1536[openssl] MODP_2048[openssl] MODP_3072[openssl] MODP_4096[openssl] MODP_6144[openssl] MODP_8192[openssl] ECP_256[openssl] ECP_384[openssl] ECP_521[openssl] MODP_1024_160[openssl] MODP_2048_224[openssl] MODP_2048_256[openssl] ECP_192[openssl] ECP_224[openssl] ECP_224_BP[openssl] ECP_256_BP[openssl] ECP_384_BP[openssl] ECP_512_BP[openssl] MODP_CUSTOM[openssl] random-gen: RNG_WEAK[openssl] RNG_STRONG[random] RNG_TRUE[random] nonce-gen: [nonce] Here is just very simple connection. conn test_14 left=10.2.14.122 leftauth=pubkey leftcert=test_2.14_cert_ipv4.der right=10.2.14.120 esp=aes128-sha256-modp2048! ike=aes128-sha512-modp2048! keyingtries=8 rightauth=pubkey It looks like both openssl and hmac supports that. Should I try load hmac first? How do I change that order? Thanks! Bettina -Original Message- From: Noel Kuntze [mailto:n...@familie-kuntze.de] Sent: Friday, March 27, 2015 11:19 AM To: Ko, HsuenJu; users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello Bettina, First, you have to find out what plugin currently provides those algorithms. Do that by examining the list of loaded plugins in the output of ipsec statusall. On my box, sha1 and sha2 can be either supplied by the af-alg, hmac or openssl plugin. The plugin which is loaded first supplies them. To make your life easier, I advise to post the list of loaded plugins here, so we can look at it and help you. Furthermore, please state what version of strongswan you are using and what the content of your strongswan.conf is. Mit freundlichen Grüßen/Regards, Noel Kuntze Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 Am 27.03.2015 um 16:12 schrieb Ko, HsuenJu: Hi, Thanks for the information. How do I find out which plugin to try? Bettina -Original Message- From: users-boun...@lists.strongswan.orgmailto:users-boun...@lists.strongswan.org [mailto:users-boun...@lists.strongswan.org] On Behalf Of Noel Kuntze Sent: Friday, March 27, 2015 11:12 AM To: users@lists.strongswan.orgmailto:users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 Hello, That sounds like the plugin that provides those algorithms is broken. You can try to work around that by making charon load another plugin, which provides the PRF algorithms for those signature algorithms, before the one you are using right now. Mit freundlichen Grüßen/Regards, Noel Kuntze Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 Am 27.03.2015 um 16:05 schrieb Ko, HsuenJu: Hi , I got error of “key derivation failed” when I configured ike using sha2. I don’t have problem with md5 or sha1. And I am using strongswan 5.1.1. Here is the corresponding log. Can someone tell me what I did wrong or is this a bug? Thanks! Bettina ike=aes128-sha256-modp2048! Mar 27 10:15:41 11[IKE] SKEYSEED = 32 bytes @ 0x41c89760 Mar 27 10:15:41 11[IKE]0: 40 06 D6 2C 40 06 D8 24 40 F5 00 20 41 C7 BB 20 @..,@..$@.. A.. Mar 27 10:15:41 11[IKE] 16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Mar 27 10:15:41 11[IKE] key derivation failed ike=aes128-sha384-modp2048! Mar
Re: [strongSwan] failure with ike using sha2
Hi, Thanks for the information. How do I find out which plugin to try? Bettina -Original Message- From: users-boun...@lists.strongswan.org [mailto:users-boun...@lists.strongswan.org] On Behalf Of Noel Kuntze Sent: Friday, March 27, 2015 11:12 AM To: users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello, That sounds like the plugin that provides those algorithms is broken. You can try to work around that by making charon load another plugin, which provides the PRF algorithms for those signature algorithms, before the one you are using right now. Mit freundlichen Grüßen/Regards, Noel Kuntze Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 Am 27.03.2015 um 16:05 schrieb Ko, HsuenJu: Hi , I got error of “key derivation failed” when I configured ike using sha2. I don’t have problem with md5 or sha1. And I am using strongswan 5.1.1. Here is the corresponding log. Can someone tell me what I did wrong or is this a bug? Thanks! Bettina ike=aes128-sha256-modp2048! Mar 27 10:15:41 11[IKE] SKEYSEED = 32 bytes @ 0x41c89760 Mar 27 10:15:41 11[IKE]0: 40 06 D6 2C 40 06 D8 24 40 F5 00 20 41 C7 BB 20 @..,@..$@.. A.. Mar 27 10:15:41 11[IKE] 16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Mar 27 10:15:41 11[IKE] key derivation failed ike=aes128-sha384-modp2048! Mar 27 10:46:03 09[IKE] SKEYSEED = 48 bytes @ 0x41c8bf70 Mar 27 10:46:03 09[IKE]0: 43 36 20 31 35 20 31 34 20 30 42 20 38 38 20 36 C6 15 14 0B 88 6 Mar 27 10:46:03 09[IKE] 16: 46 20 43 38 20 38 45 20 35 34 20 42 44 20 38 42 F C8 8E 54 BD 8B Mar 27 10:46:03 09[IKE] 32: 20 31 46 20 32 38 20 36 44 20 33 41 20 20 2E 2E 1F 28 6D 3A .. Mar 27 10:46:03 09[IKE] key derivation failed ike=aes128-sha512-modp2048! Mar 27 10:48:17 09[IKE] SKEYSEED = 64 bytes @ 0x41c8bf70 Mar 27 10:48:17 09[IKE]0: 31 45 20 38 33 20 31 33 20 38 39 20 31 36 20 34 1E 83 13 89 16 4 Mar 27 10:48:17 09[IKE] 16: 36 20 35 32 20 32 30 20 39 34 20 31 43 20 44 36 6 52 20 94 1C D6 Mar 27 10:48:17 09[IKE] 32: 20 38 39 20 37 38 20 42 43 20 39 41 20 20 69 2E 89 78 BC 9A i. Mar 27 10:48:17 09[IKE] 48: 2E 2E 2E 2E 46 52 20 2E 2E 2E 2E 78 2E 2E 0A 20 FR x... Mar 27 10:48:17 09[IKE] key derivation failed ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJVFXMnAAoJEDg5KY9j7GZYNVsP/3cRYJuUPFrzdqD9a+ZkVrYZ ObZd8GvKILYj71OEO3yRrUB8zTUqVmBVbmBJ+EMKrLJRfDLZlooFu31LQkp7H4pJ xYT3K7bPBz5hFQD8x8gt13z61Xrt/QIALvul2heyvM/BdH817Dm03Fzfa9J+rXVa K7d5ZlNJbLmMzBnN+KCXMsb46ntqrjf34wNokyQ5bFxfnStoFIG5KhrRojkybLN/ LG+mITUFNqOLIy+kMRavxejx4ylwvF4Ev6nlDVgJFD/lj0d+hlrZugpONaojuXYd 2FW8sQk2d2YznjJu61rwP4LearObFONsjzfaEwB6CQDZIgaRf2MhVHrOJxoXzdH1 qGEuNcbhFhXNeAYsZb9UnpHGHw/l7zumuQY+xXIbRlBaIY6RYTb4psq7RVuowSyx YbT00ftK6kC3rACbnPg6eRBTQkuTH5Yr5xeSyBUbr6usJOMhSrJqkq2d6EVt7XFT KVCX+GUazShrYG+R5lhKk2lcetKSISgQ2xKb3Fxi0OIrgzrp37h0U8578WEq/TGC JtX3/zZpzV278UkhTEpZFsTBwW0+COh1BQUcYOchnhyV+dlDEuPCwQjuxvuJbA3V hVlpc8x4qH9GIVCYeTim4csYP/ttZOwetCq0CALjBAHKxz78z4monbHgtFeSizgu LBJgRXQrpq5HhxY/8+Cc =BVxp -END PGP SIGNATURE- ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Machine certificates from BB10 devices fail to connect (PSK works); ideas?
Thanks to confirm this. Bettina -Original Message- From: Andreas Steffen [mailto:andreas.stef...@strongswan.org] Sent: Wednesday, March 25, 2015 10:17 AM To: Ko, HsuenJu; Karl Denninger; users@lists.strongswan.org Subject: Re: [strongSwan] Machine certificates from BB10 devices fail to connect (PSK works); ideas? Yes, setting left|rightid to the subject DN does also work. Regards Andreas On 25.03.2015 14:26, Ko, HsuenJu wrote: Hi Andreas, Is setting left|rightid to full subject DN another solution? Thanks! Bettina -Original Message- From: users-boun...@lists.strongswan.org [mailto:users-boun...@lists.strongswan.org] On Behalf Of Andreas Steffen Sent: Wednesday, March 25, 2015 8:49 AM To: Karl Denninger; users@lists.strongswan.org Subject: Re: [strongSwan] Machine certificates from BB10 devices fail to connect (PSK works); ideas? Hi Karl, in order to find a match, the IKEv2 ID 'k...@denninger.net' must be contained as a subjectAltName in the X.509 client certificate. strongSwan does not do any matching to the CN= or E= fields of the certificate's subjectDistinguishedName. Best regards Andreas On 03/25/2015 05:36 AM, Karl Denninger wrote: I'm having a problem getting PKI-authenticated connections from BB10 smartphones to work. PSK-authentication works; I have the following stanza in ipsec.conf: conn BB10 left=%any leftsubnet=0.0.0.0/0 right=%any rightsourceip=192.168.2.0/24 rightauth=psk leftcert=genesis.denninger.net.crt leftauth=pubkey auto=add This works fine; the proper secret is in the ipsec.secrets file. If I change rightauth to pubkey, however, and specify a client certificate to be sent on the client side I get this: Mar 24 23:30:19 NewFS charon: 16[NET] sending packet: from 70.169.168.7[500] to 192.168.1.21[500] (333 bytes) Mar 24 23:30:19 NewFS charon: 16[NET] received packet: from 192.168.1.21[500] to 70.169.168.7[500] (2444 bytes) Mar 24 23:30:19 NewFS charon: 16[ENC] parsed IKE_AUTH request 1 [ IDi CERT CERTREQ AUTH CPRQ(ADDR MASK DNS DNS NBNS NBNS VER) N(INIT_CONTACT) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ] Mar 24 23:30:19 NewFS charon: 16[IKE] received end entity cert C=US, ST=Florida, O=Cuda Systems LLC, CN=Karl Denninger, E=k...@denninger.net Mar 24 23:30:19 NewFS charon: 16[CFG] looking for peer configs matching 70.169.168.7[%any]...192.168.1.21[k...@denninger.net] Mar 24 23:30:19 NewFS charon: 16[CFG] selected peer config 'BB10' Mar 24 23:30:19 NewFS charon: 16[IKE] no trusted RSA public key found for 'k...@denninger.net' The public key, however, IS in the ipsec.d/certs directory and IS readable. In addition ipsec listcacerts does show the CA that issued the machine certificate. However, ipsec listcerts does not display it; all it shows is the machine cert for the server: [root@NewFS /usr/local/etc/ipsec.d]# ipsec listcerts List of X.509 End Entity Certificates: subject: C=US, ST=Florida, O=Cuda Systems LLC, CN=genesis.denninger.net, E=postmas...@genesis.denninger.net issuer: C=US, ST=Florida, L=Niceville, O=Cuda Systems LLC, CN=Cuda Systems LLC CA, E=Cuda Systems LLC CA serial:17 validity: not before Mar 24 22:48:26 2015, ok not after Mar 21 22:48:26 2025, ok pubkey:RSA 4096 bits, has private key keyid: 58:e0:39:09:a8:60:69:4e:80:4e:03:c5:03:d4:62:4d:0e:f3:80:7d subjkey: e7:7b:7c:61:2e:5e:af:06:d0:9d:ff:29:3d:12:ae:a2:61:bf:60:56 authkey: 24:71:9b:9d:85:7d:fc:dd:dd:bd:b0:ca:92:94:03:a1:fa:d3:6d:35 [root@NewFS /usr/local/etc/ipsec.d]# What am I missing? -- Karl Denninger k...@denninger.net mailto:k...@denninger.net /The Market Ticker/ == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Machine certificates from BB10 devices fail to connect (PSK works); ideas?
Hi Andreas, Is setting left|rightid to full subject DN another solution? Thanks! Bettina -Original Message- From: users-boun...@lists.strongswan.org [mailto:users-boun...@lists.strongswan.org] On Behalf Of Andreas Steffen Sent: Wednesday, March 25, 2015 8:49 AM To: Karl Denninger; users@lists.strongswan.org Subject: Re: [strongSwan] Machine certificates from BB10 devices fail to connect (PSK works); ideas? Hi Karl, in order to find a match, the IKEv2 ID 'k...@denninger.net' must be contained as a subjectAltName in the X.509 client certificate. strongSwan does not do any matching to the CN= or E= fields of the certificate's subjectDistinguishedName. Best regards Andreas On 03/25/2015 05:36 AM, Karl Denninger wrote: I'm having a problem getting PKI-authenticated connections from BB10 smartphones to work. PSK-authentication works; I have the following stanza in ipsec.conf: conn BB10 left=%any leftsubnet=0.0.0.0/0 right=%any rightsourceip=192.168.2.0/24 rightauth=psk leftcert=genesis.denninger.net.crt leftauth=pubkey auto=add This works fine; the proper secret is in the ipsec.secrets file. If I change rightauth to pubkey, however, and specify a client certificate to be sent on the client side I get this: Mar 24 23:30:19 NewFS charon: 16[NET] sending packet: from 70.169.168.7[500] to 192.168.1.21[500] (333 bytes) Mar 24 23:30:19 NewFS charon: 16[NET] received packet: from 192.168.1.21[500] to 70.169.168.7[500] (2444 bytes) Mar 24 23:30:19 NewFS charon: 16[ENC] parsed IKE_AUTH request 1 [ IDi CERT CERTREQ AUTH CPRQ(ADDR MASK DNS DNS NBNS NBNS VER) N(INIT_CONTACT) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ] Mar 24 23:30:19 NewFS charon: 16[IKE] received end entity cert C=US, ST=Florida, O=Cuda Systems LLC, CN=Karl Denninger, E=k...@denninger.net Mar 24 23:30:19 NewFS charon: 16[CFG] looking for peer configs matching 70.169.168.7[%any]...192.168.1.21[k...@denninger.net] Mar 24 23:30:19 NewFS charon: 16[CFG] selected peer config 'BB10' Mar 24 23:30:19 NewFS charon: 16[IKE] no trusted RSA public key found for 'k...@denninger.net' The public key, however, IS in the ipsec.d/certs directory and IS readable. In addition ipsec listcacerts does show the CA that issued the machine certificate. However, ipsec listcerts does not display it; all it shows is the machine cert for the server: [root@NewFS /usr/local/etc/ipsec.d]# ipsec listcerts List of X.509 End Entity Certificates: subject: C=US, ST=Florida, O=Cuda Systems LLC, CN=genesis.denninger.net, E=postmas...@genesis.denninger.net issuer: C=US, ST=Florida, L=Niceville, O=Cuda Systems LLC, CN=Cuda Systems LLC CA, E=Cuda Systems LLC CA serial:17 validity: not before Mar 24 22:48:26 2015, ok not after Mar 21 22:48:26 2025, ok pubkey:RSA 4096 bits, has private key keyid: 58:e0:39:09:a8:60:69:4e:80:4e:03:c5:03:d4:62:4d:0e:f3:80:7d subjkey: e7:7b:7c:61:2e:5e:af:06:d0:9d:ff:29:3d:12:ae:a2:61:bf:60:56 authkey: 24:71:9b:9d:85:7d:fc:dd:dd:bd:b0:ca:92:94:03:a1:fa:d3:6d:35 [root@NewFS /usr/local/etc/ipsec.d]# What am I missing? -- Karl Denninger k...@denninger.net mailto:k...@denninger.net /The Market Ticker/ == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
[strongSwan] multiple addresses for the left|right option
Hi, I am wondering how the specification of multiple addresses in the left|right option works. For example, how many kernel policies I should have seen if I have the left with one single address and the right with two specific address like the following: right=134.111.75.171,134.111.75.172 It looks like only a pair of in|out policy for the first address is in the SPD. ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
[strongSwan] how to setup transport mode with netmask on the right side
I am trying to find out how to setup right side with netmask using transport mode. Following is what I did. But somehow it end up switched to tunnel mode. Can someone let me know what I did wrong here? Thanks! left=134.111.75.175 leftauth=psk type=transport right=134.111.75.0/24 rightauth=psk esp=3des-md5 keyexchange=ikev2 auto=add ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
[strongSwan] recommandation with many connections and heavy stress testing
Hi, We are doing stress testing with strongswan with over 256 connections and a lot of packets send/recv with default rekey time. We experienced some connections being dropped and saw many rekey collision with (win or lose) messages from the log. Is there any tuning parameters that we can use to help reduce the collision. Does increase charon number of threads help? Does reauth=no help? Any help is deeply appreciated. Bettina ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users