I'm trying to setup a Strongswan VPN but can't get it to work. It does not find a matching peer config and I don't know why:

LOG:

[ENC] <1> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]
[NET] <1> sending packet: from 111.111.111.111[500] to 222.222.222.222[34460] (312 bytes)
[NET] <1> received packet: from 222.222.222.222[34495] to 111.111.111.111[4500] (428 bytes)
[ENC] <1> parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) N(MOBIKE_SUP) IDr CPRQ(ADDR DHCP DNS MASK ADDR6 DHCP6 D_N) N(NON_FIRST_FRAG) SA TSi TSr ]
[CFG] <1> looking for peer configs matching 111.111.111.111[@vpn.example.net]...222.222.222.222[333.333.333.333]
[CFG] <1> no matching peer config found
[IKE] <1> received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
[IKE] <1> peer supports MOBIKE
[ENC] <1> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
[NET] <1> sending packet: from 111.111.111.111[4500] to 222.222.222.222[34495] (76 bytes)

ipsec.conf:

config setup

conn %default
    # Wait for peer connection
    auto=add
    keyexchange=ikev2
    # Win7, iOS and Mac
    ike=aes256-sha1-modp1024,aes128-sha1-modp1024,3des-sha1-modp1024! # Win7 is aes256, sha-1, modp1024; iOS is aes256, sha-256, modp1024; OS X is 3DES, sha-1, modp1024
    esp=aes256-sha256,aes256-sha1,3des-sha1! # Win 7 is aes256-sha1, iOS is aes256-sha256, OS X is 3des-sha1
    # Win7 only
    #ike=aes256-sha1-modp1024!
    #esp=aes256-sha1!
    # Dead peer detection
    dpdaction=clear
    dpddelay=300s
    # Win7 does not like rekeying
    rekey=no
    # Helps with restrictive firewalls
    forceencaps=yes
    # Suggest and accept compression
    compress=yes

conn bbnet
    # VPN Gateway is reachable via any network interface
    left=%any
    # For now tunnel all traffic, later we may refine this to specific subnets
    # https://wiki.strongswan.org/projects/strongswan/wiki/Win7EapMultipleConfig
    leftsubnet=0.0.0.0/0
    # Auth
    leftauth=pubkey
    leftcert=serverCert.pem
    leftid=@vpn.example.net
    # Mac/iOS: https://wiki.strongswan.org/projects/strongswan/wiki/IOS_(Apple)
    leftsendcert=always
    # Peers:
    # Allow all since peers have dynamic IPs
    # Assign them IPs in the range 10.67.1.0-10.67.1.255
    right=%any
    rightsourceip=10.67.1.0/24
    rightid=%any
    # Peer auth
    rightauth=eap-mschapv2
    rightsendcert=never
    # Not sure if needed
    eap_identity=%any    

ipsec.secret:

: RSA serverKey.pem

donny : EAP "abcd1234"

iOS/OS X client:

    Server: vpn.example.net
    Remote id: @vpn.example.net
    Local id:
    Auth: User/PW => donny / abcd1234

My scenario is currently very similar to https://www.strongswan.org/testing/testresults/ikev2/rw-eap-mschapv2-id-rsa/index.html but the peer matching does not work on my machine ...

UPDATE: Win8 can connect but not my iOS/OS X devices. Here is the log of a successful Win 8 auth and connect:

[NET] <1> received packet: from 111.111.111.111[500] to 222.222.222.222[500] (880 bytes)
[ENC] <1> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) V V V V ]
[ENC] <1> received unknown vendor ID: 1e:2b:51:69:05:99:1c:7d:7c:96:fc:bf:b5:87:e4:61:00:00:00:09
[ENC] <1> received unknown vendor ID: fb:1d:e3:cd:f3:41:b7:ea:16:b7:e5:be:08:55:f1:20
[ENC] <1> received unknown vendor ID: 26:24:4d:38:ed:db:61:b3:17:2a:36:e3:d0:cf:b8:19
[ENC] <1> received unknown vendor ID: 01:52:8b:bb:c0:06:96:12:18:49:ab:9a:1c:5b:2a:51:00:00:00:02
[IKE] <1> 111.111.111.111 is initiating an IKE_SA
[IKE] <1> remote host is behind NAT
[ENC] <1> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]
[NET] <1> sending packet: from 222.222.222.222[500] to 111.111.111.111[500] (312 bytes)
[NET] <1> received packet: from 111.111.111.111[4500] to 222.222.222.222[4500] (5708 bytes)
[ENC] <1> parsed IKE_AUTH request 1 [ IDi CERTREQ N(MOBIKE_SUP) CPRQ(ADDR DNS NBNS SRV ADDR6 DNS6 SRV6) SA TSi     
[IKE] <1> received cert request for "C=FR, O=strongSwan, CN=strongSwan CA"
[IKE] <1> received 262 cert requests for an unknown ca
[CFG] <1> looking for peer configs matching 222.222.222.222[%any]...111.111.111.111[333.333.333.333]
[CFG] <bbnet|1> selected peer config 'bbnet'
[IKE] <bbnet|1> initiating EAP_IDENTITY method (id 0x00)
[IKE] <bbnet|1> peer supports MOBIKE
[IKE] <bbnet|1> authentication of 'vpn.blubyte.de' (myself) with RSA signature successful
[IKE] <bbnet|1> sending end entity cert "C=FR, O=strongSwan, CN=vpn.blubyte.de"
[ENC] <bbnet|1> generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
[NET] <bbnet|1> sending packet: from 222.222.222.222[4500] to 111.111.111.111[4500] (1228 bytes)
[NET] <bbnet|1> received packet: from 111.111.111.111[4500] to 222.222.222.222[4500] (76 bytes)
[ENC] <bbnet|1> parsed IKE_AUTH request 2 [ EAP/RES/ID ]
[IKE] <bbnet|1> received EAP identity 'donny'
[IKE] <bbnet|1> initiating EAP_MSCHAPV2 method (id 0x0D)
[ENC] <bbnet|1> generating IKE_AUTH response 2 [ EAP/REQ/MSCHAPV2 ]
[NET] <bbnet|1> sending packet: from 222.222.222.222[4500] to 111.111.111.111[4500] (108 bytes)
[NET] <bbnet|1> received packet: from 111.111.111.111[4500] to 222.222.222.222[4500] (140 bytes)
[ENC] <bbnet|1> parsed IKE_AUTH request 3 [ EAP/RES/MSCHAPV2 ]
...  

Still need to know how to make it iOS/OS X compatible ...

cgross
    Problem solved: OS X and iOS is very sensitive about the Subject Alternative Name. After specifying it as the leftid on the vpn server and remote id on the client it worked! – cgross Jan 01 '16 at 16:04
  • Please post this as an answer and accept it, this just helped me solve my problem. – Benoit Duffez Jul 07 '17 at 14:43
  • Yes please add this as an answer, as this just helped me as well. The "Remote ID" in the iOS config was the key. Thank you! – trpt4him Feb 02 '18 at 21:28

1 Answer

There are two important aspects to this:

  • Identities sent by the client (these are the identities seen in [] in the looking for peer configs matching... log message) must match the configured identities on the server (the remote identity, rightid, may be %any to accept any client identity - this is actually the default). The configured identities can be seen in the output of ipsec statusall.

  • The identities used by client and server must be contained in the certificates, which usually means they have to be contained in a subjectAltName extension (subject DNs can't be used as server identities with many clients). Note that some clients match identities against e.g. CNs in DNs but e.g. strongSwan does not.

The latter means that when strongSwan loads a certificate and the configured server identity (leftid) doesn't match the full subject DN or any of the subjectAltName extensions, it will fall back to the DN as identity (there is an appropriate log message and ipsec statusall will also show this change). So even if the client proposes the same identity configured in leftid, it might not actually be the identity strongSwan then uses to find a configuration and authenticate itself.

So make sure the configured identities match on client and server and that these identities are confirmed by the certificates used during authentication.
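To make the two rules above concrete, here is an added example (my own code, not part of the answer and not strongSwan's own matching logic) that parses a "looking for peer configs matching" log line and a trimmed ipsec.conf, applies the leftid-to-certificate fallback the answer describes, and reports which conn would match. The certificate DN and subjectAltName list are constructed inputs rather than parsed from a real certificate, and the treatment of a leading "@" as a mere FQDN-type marker and of "%any" as a wildcard on either side are assumptions I make to mirror the logs in the question.

```python
import re

# Constructed inputs (not from the poster's real deployment): the lookup line in
# the shape strongSwan logs it, and a trimmed ipsec.conf with the relevant keys.
LOOKUP_LINE = ("[CFG] <1> looking for peer configs matching "
               "111.111.111.111[@vpn.example.net]...222.222.222.222[333.333.333.333]")

IPSEC_CONF = """\
conn %default
    keyexchange=ikev2

conn bbnet
    left=%any
    leftid=@vpn.example.net
    leftcert=serverCert.pem
    right=%any
    rightid=%any
    rightauth=eap-mschapv2
"""

LOOKUP_RE = re.compile(
    r"looking for peer configs matching (\S+?)\[(.*?)\]\.\.\.(\S+?)\[(.*?)\]")


def parse_lookup_line(line):
    """Extract the four fields of a 'looking for peer configs matching' message.
    Layout, as seen in the question's log: LOCAL_ADDR[IDr]...REMOTE_ADDR[IDi]."""
    m = LOOKUP_RE.search(line)
    if not m:
        return None
    return {"local_addr": m.group(1), "local_id": m.group(2),
            "remote_addr": m.group(3), "remote_id": m.group(4)}


def parse_ipsec_conf(text):
    """Minimal ipsec.conf reader: 'conn NAME' sections of key=value lines,
    with the settings of 'conn %default' inherited by every other conn."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()          # drop comments
        if not line.strip():
            continue
        if not line[0].isspace():                     # section header line
            parts = line.split()
            current = parts[1] if parts[0] == "conn" and len(parts) > 1 else None
            if current:
                conns.setdefault(current, {})
            continue
        if current:
            key, _, value = line.strip().partition("=")
            conns[current][key.strip()] = value.strip()
    default = conns.pop("%default", {})
    return {name: {**default, **opts} for name, opts in conns.items()}


def normalize_id(identity):
    """Assumption: a leading '@' only marks an FQDN-type identity, so
    '@vpn.example.net' and a SAN dNSName 'vpn.example.net' denote the same name."""
    return identity[1:] if identity.startswith("@") else identity


def effective_server_id(leftid, cert_subject_dn, cert_sans):
    """The fallback the answer describes: leftid is kept only if it equals the
    full subject DN or one of the subjectAltNames; otherwise the DN is used."""
    if leftid == cert_subject_dn or normalize_id(leftid) in cert_sans:
        return leftid
    return cert_subject_dn


def match_peer_config(conns, lookup, cert_subject_dn, cert_sans):
    """Return the names of conns whose effective identities match the lookup.
    rightid=%any accepts any client identity; a '%any' local id in the log
    (the client sent no IDr, as in the Windows log) matches any server id."""
    matches = []
    for name, opts in conns.items():
        server_id = effective_server_id(opts.get("leftid", "%any"),
                                        cert_subject_dn, cert_sans)
        rightid = opts.get("rightid", "%any")
        left_ok = (lookup["local_id"] == "%any" or
                   normalize_id(server_id) == normalize_id(lookup["local_id"]))
        right_ok = (rightid == "%any" or
                    normalize_id(rightid) == normalize_id(lookup["remote_id"]))
        if left_ok and right_ok:
            matches.append(name)
    return matches


def diagnose(cert_sans):
    """Run the question's lookup line against the conf for a constructed server
    certificate whose subjectAltNames are the given list."""
    cert_dn = "C=FR, O=strongSwan, CN=vpn.example.net"   # constructed subject DN
    lookup = parse_lookup_line(LOOKUP_LINE)
    conns = parse_ipsec_conf(IPSEC_CONF)
    return match_peer_config(conns, lookup, cert_dn, cert_sans)


if __name__ == "__main__":
    print("cert without SAN:", diagnose([]) or "no matching peer config found")
    print("cert with SAN   :", diagnose(["vpn.example.net"]) or "no matching peer config found")
```

Without a subjectAltName the configured leftid falls back to the subject DN, the IDr the iOS client proposes no longer matches and the result is the "no matching peer config found" line from the question; with the SAN present, bbnet is selected. Feeding the Windows lookup line (local identity %any) through the same functions matches bbnet even without the SAN, which is consistent with Win8 connecting while the Apple clients did not.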

ecdsa