Re: [Swan] No proposal chosen in version 3.21

Fri, 15 Sep 2017 06:56:13 -0700 

On Fri, 15 Sep 2017, Dynastic Space wrote:


In version 3.19 we used the following configuration:



conn xauth-psk


[no ike= or esp=/phase2= lines]


I just upgraded to version 3.21, using this same configuration. the client is 
sending the following proposal:


3.21 has been updated to reflect RFC-8247

https://tools.ietf.org/html/rfc8247

Even though it technically does not cover IKEv1 - only IKEv2 - we have
also bumped some requirements in IKEv1. Most notably, since all IKEv1
stacks support both modp1536 (DH5) and modp1024 (DH2), and the latter
is pretty weak, we have kicked that one out of our default proposal
list. Additional, the ESP RFC (7321bis) will be published in a few days
as RFC-8221 and 3.21 also tries to comply there. This means mostly that
MD5 is kicked out of the default proposal set.

So with that in mind:


    (sa: doi=ipsec situation=identity
        (p: #1 protoid=isakmp transform=15
            (t: #1 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=aes)(type=keylen
value=0100)(type=auth value=fde9)(type=hash value=sha2-256)(type=group desc 
value=modp2048))


This is ike=aes128-sha2_256;modp2048 and should be accepted by us?
Possibly we had not added modp2048 to the default group?



            (t: #2 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=aes)(type=keylen
value=0100)(type=auth value=fde9)(type=hash value=sha1)(type=group desc 
value=modp2048))


ike=aes128-sha1;modp2048  Same


            (t: #3 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=aes)(type=keylen
value=0100)(type=auth value=fde9)(type=hash value=md5)(type=group desc 
value=modp2048))


ike=aes128-md5;modp2048 md5, so rejected.


            (t: #4 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=aes)(type=keylen
value=0100)(type=auth value=fde9)(type=hash value=sha2-512)(type=group desc 
value=modp2048))


ike=aes128-sha2_512;modp1536 Should also be accepted?


            (t: #5 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=aes)(type=keylen
value=0100)(type=auth value=fde9)(type=hash value=sha2-256)(type=group desc 
value=modp1536))


ike=aes128-sha2_256;modp1536 Should also be accepted?


            (t: #6 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=aes)(type=keylen
value=0100)(type=auth value=fde9)(type=hash value=sha1)(type=group desc 
value=modp1536))


ike=aes128-sha1;modp1536 should also be accepted.


            (t: #7 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=aes)(type=keylen
value=0100)(type=auth value=fde9)(type=hash value=md5)(type=group desc 
value=modp1536))


ike=aes128-md5;modp1536 rejected for md5


            (t: #8 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=aes)(type=keylen
value=0100)(type=auth value=fde9)(type=hash value=sha1)(type=group desc 
value=modp1024))
            (t: #9 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=aes)(type=keylen
value=0100)(type=auth value=fde9)(type=hash value=md5)(type=group desc 
value=modp1024))
            (t: #10 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=aes)(type=keylen
value=0080)(type=auth value=fde9)(type=hash value=sha1)(type=group desc 
value=modp1024))
            (t: #11 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=aes)(type=keylen
value=0080)(type=auth value=fde9)(type=hash value=md5)(type=group desc 
value=modp1024))
            (t: #12 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=3des)(type=auth
value=fde9)(type=hash value=sha1)(type=group desc value=modp1024))
            (t: #13 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=3des)(type=auth
value=fde9)(type=hash value=md5)(type=group desc value=modp1024))
            (t: #14 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=1des)(type=auth
value=fde9)(type=hash value=sha1)(type=group desc value=modp1024))
            (t: #15 id=ike (type=lifetype value=sec)(type=lifeduration 
value=0e10)(type=enc value=1des)(type=auth
value=fde9)(type=hash value=md5)(type=group desc value=modp1024))))


All of these rejected because of modp1024 (DH2)


but the server is responding with 
    (n: doi=ipsec proto=isakmp type=NO-PROPOSAL-CHOSEN)


I'm not sure why you are seeing that. Can you try adding:

        ike=aes128-sha2_256;modp2048
        ike=aes128-sha2_256;modp2048

Do you have all the same kind of clients? If not, you might need to make
a more complicated proposal with multiple entries.

Note that you might run into similar things for esp=/phase2alg= once
you fixup this stage.

Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan






















					Reply via email to