<html><head></head><body><div style="font-family: Verdana;font-size: 12.0px;"><div>
<div>Hi all,</div>
<div> </div>
<div>I am having an issue with multiple child SAs of the same IKE-SA as a result of an overlapping tunnel initiation caused by a network outage between strongswan 5.0.4 and a VPN peer (Checkpoint firewall).</div>
<div> </div>
<div>After re-establishing the connection it seems that both peers initiate a tunnel and as a result I have two Child_SA pairs. At some point I observe that both peers are sending traffic with SPIs belonging to different Child_SA pairs, and the traffic is getting dropped on the strongSwan side.</div>
<div> </div>
<div>Below is a trace between the strongswan (192.168.57.9) and the Checkpoint firewall (192.168.30.165) taken once the problem is occurring:</div>
<div> </div>
<div>16:01:14.528702 IP 192.168.57.9 > 192.168.30.165: ESP(spi=0xf9029d40,seq=0x66), length 132<br/>
16:01:14.529551 IP 192.168.30.165 > 192.168.57.9: ESP(spi=0xc2088c97,seq=0x32), length 132<br/>
16:01:20.537286 IP 192.168.57.9 > 192.168.30.165: ESP(spi=0xf9029d40,seq=0x67), length 132<br/>
16:01:20.538136 IP 192.168.30.165 > 192.168.57.9: ESP(spi=0xc2088c97,seq=0x33), length 132<br/>
16:01:21.813363 IP 192.168.57.9 > 192.168.30.165: ESP(spi=0xf9029d40,seq=0x68), length 116<br/>
16:01:21.813662 IP 192.168.30.165 > 192.168.57.9: ESP(spi=0xc2088c97,seq=0x34), length 340</div>
<div> </div>
<div>strongSwan is using 0xf9029d40 while Checkpoint is using 0xc2088c97. "ipsec status" shows that these SPIs belong to different Child_SA pairs.</div>
<div> </div>
<div>oot@vpn-57:~/vpn/mass_test# ipsec statusall vpn-57-9<br/>
Status of IKE charon daemon (strongSwan 5.0.4, Linux 3.5.7-03050711-generic, x86_64):<br/>
uptime: 51 minutes, since Sep 27 15:09:22 2013<br/>
malloc: sbrk 1187840, mmap 0, used 1033936, free 153904<br/>
worker threads: 8 of 16 idle, 7/1/0/0 working, job queue: 0/0/0/0, scheduled: 603<br/>
loaded plugins: charon aes des sha1 sha2 md5 random nonce x509 constraints pubkey pkcs1 pkcs8 pgp dnskey pem fips-prf gmp hmac gcm attr kernel-netlink resolve socket-default stroke updown<br/>
Listening IP addresses:<br/>
192.168.100.57<br/>
10.31.11.57<br/>
10.31.13.57<br/>
10.31.12.57<br/>
192.168.31.57<br/>
Connections:<br/>
vpn-57-9: 192.168.57.9...192.168.30.165 IKEv2, dpddelay=10s<br/>
vpn-57-9: local: [O=COMP, CN=vpn-57] uses public key authentication<br/>
vpn-57-9: cert: "O=COMP, CN=vpn-57"<br/>
vpn-57-9: remote: [192.168.30.165] uses public key authentication<br/>
vpn-57-9: child: 10.57.11.9/32 === 10.22.11.9/32 TUNNEL, dpdaction=restart<br/>
Routed Connections:<br/>
vpn-57-9{9}: ROUTED, TUNNEL<br/>
vpn-57-9{9}: 10.57.11.9/32 === 10.22.11.9/32<br/>
Security Associations (150 up, 0 connecting):<br/>
vpn-57-9[640]: ESTABLISHED 2 minutes ago, 192.168.57.9[O=COMP, CN=vpn-57]...192.168.30.165[192.168.30.165]<br/>
vpn-57-9[640]: IKEv2 SPIs: c6723f86b6eae6bd_i* 24497c2c09f76396_r, rekeying in 14 minutes<br/>
vpn-57-9[640]: IKE proposal: AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024<br/>
vpn-57-9{454}: INSTALLED, TUNNEL, ESP SPIs: c3a797a1_i f9029d40_o<br/>
vpn-57-9{454}: AES_CBC_128/HMAC_SHA1_96, 4568 bytes_i (54 pkts, 93s ago), 11716 bytes_o (99 pkts, 1s ago), rekeying in 3 minutes<br/>
vpn-57-9{454}: 10.57.11.9/32 === 10.22.11.9/32<br/>
vpn-57-9{338}: INSTALLED, TUNNEL, ESP SPIs: c2088c97_i de446e40_o<br/>
vpn-57-9{338}: AES_CBC_128/HMAC_SHA1_96, 4148 bytes_i (46 pkts, 1s ago), 0 bytes_o, rekeying in 5 minutes<br/>
vpn-57-9{338}: 10.57.11.9/32 === 10.22.11.9/32</div>
<div> </div>
<div>Based on the rekeying information (3 min vs. 5 min) I would say that strongSwan is using the older SA while Checkpoint is using the newer one. Do you have an explanation for this? And if so, why is strongSwan dropping the packets encrypted with the newer (but valid) SPI? Is there any way to solve this problem by reconfiguration?</div>
<div> </div>
<div>Any help to troubleshoot and solve the problem would be really appreciated.</div>
<div> </div>
<div>Thanks and have a nice day,<br/>
Joern</div>
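<div> </div>
<div>As an added example (not part of Joern's post, and not strongSwan code), the following script turns the manual check described above into something repeatable: it parses the CHILD_SA entries from "ipsec statusall" and the ESP SPIs seen on the wire in a tcpdump trace, then reports (a) more than one installed CHILD_SA for the same traffic selectors under one connection, (b) inbound SPIs that are not installed at all, and (c) the "split" condition where the local side transmits on one CHILD_SA while the peer transmits on another. The sample inputs are constructed from the output quoted in the post; the line formats assumed are those of the strongSwan 5.0.x output shown above, so the regular expressions may need adjusting for other versions.</div>
<div> </div>

```python
import re
from collections import defaultdict

# Sample inputs: constructed from the tcpdump trace and statusall output quoted in the post.
TCPDUMP_TRACE = """\
16:01:14.528702 IP 192.168.57.9 > 192.168.30.165: ESP(spi=0xf9029d40,seq=0x66), length 132
16:01:14.529551 IP 192.168.30.165 > 192.168.57.9: ESP(spi=0xc2088c97,seq=0x32), length 132
16:01:20.537286 IP 192.168.57.9 > 192.168.30.165: ESP(spi=0xf9029d40,seq=0x67), length 132
16:01:20.538136 IP 192.168.30.165 > 192.168.57.9: ESP(spi=0xc2088c97,seq=0x33), length 132
"""

STATUSALL = """\
vpn-57-9[640]: ESTABLISHED 2 minutes ago, 192.168.57.9[O=COMP, CN=vpn-57]...192.168.30.165[192.168.30.165]
vpn-57-9[640]: IKEv2 SPIs: c6723f86b6eae6bd_i* 24497c2c09f76396_r, rekeying in 14 minutes
vpn-57-9{454}: INSTALLED, TUNNEL, ESP SPIs: c3a797a1_i f9029d40_o
vpn-57-9{454}: AES_CBC_128/HMAC_SHA1_96, 4568 bytes_i (54 pkts, 93s ago), 11716 bytes_o (99 pkts, 1s ago), rekeying in 3 minutes
vpn-57-9{454}: 10.57.11.9/32 === 10.22.11.9/32
vpn-57-9{338}: INSTALLED, TUNNEL, ESP SPIs: c2088c97_i de446e40_o
vpn-57-9{338}: AES_CBC_128/HMAC_SHA1_96, 4148 bytes_i (46 pkts, 1s ago), 0 bytes_o, rekeying in 5 minutes
vpn-57-9{338}: 10.57.11.9/32 === 10.22.11.9/32
"""

# Line formats assumed from the strongSwan 5.0.x output in the post.
ESP_RE = re.compile(r"IP (\S+) > (\S+): ESP\(spi=0x([0-9a-f]+),seq=0x[0-9a-f]+\)")
CHILD_SPI_RE = re.compile(r"^(\S+)\{(\d+)\}: INSTALLED, \S+, ESP SPIs: ([0-9a-f]+)_i ([0-9a-f]+)_o")
CHILD_TS_RE = re.compile(r"^(\S+)\{(\d+)\}: (\S+) === (\S+)$")


def parse_child_sas(status_text):
    """Map CHILD_SA id -> {conn, spi_in, spi_out, ts} from `ipsec statusall` output."""
    sas = {}
    for line in status_text.splitlines():
        m = CHILD_SPI_RE.match(line)
        if m:
            conn, cid, spi_in, spi_out = m.groups()
            sas[int(cid)] = {"conn": conn, "spi_in": int(spi_in, 16),
                             "spi_out": int(spi_out, 16), "ts": None}
            continue
        m = CHILD_TS_RE.match(line)
        # Only INSTALLED SAs are of interest; ROUTED entries share the {id} syntax but are skipped.
        if m and int(m.group(2)) in sas:
            sas[int(m.group(2))]["ts"] = (m.group(3), m.group(4))
    return sas


def spis_in_use(trace_text, local_ip):
    """Return (outbound SPIs, inbound SPIs) observed on the wire, from local_ip's point of view."""
    out, inb = set(), set()
    for line in trace_text.splitlines():
        m = ESP_RE.search(line)
        if not m:
            continue
        src, dst, spi = m.group(1), m.group(2), int(m.group(3), 16)
        if src == local_ip:
            out.add(spi)
        elif dst == local_ip:
            inb.add(spi)
    return out, inb


def find_split_sas(status_text, trace_text, local_ip):
    """Return a list of human-readable findings; an empty list means the SAs look consistent."""
    sas = parse_child_sas(status_text)
    out, inb = spis_in_use(trace_text, local_ip)
    by_out = {sa["spi_out"]: cid for cid, sa in sas.items()}
    by_in = {sa["spi_in"]: cid for cid, sa in sas.items()}
    findings = []

    # (a) Duplicate CHILD_SAs for the same connection and traffic selectors.
    groups = defaultdict(list)
    for cid, sa in sas.items():
        groups[(sa["conn"], sa["ts"])].append(cid)
    for (conn, ts), cids in groups.items():
        if len(cids) > 1:
            findings.append(f"{conn}: {len(cids)} CHILD_SAs {sorted(cids)} for {ts[0]} === {ts[1]}")

    # (b) Peer is sending on an SPI the local kernel does not have installed: those packets are dropped.
    for spi in sorted(inb):
        if spi not in by_in:
            findings.append(f"inbound SPI 0x{spi:08x} is not installed locally")

    # (c) Local outbound and peer inbound traffic ride on different CHILD_SAs.
    local_cids = {by_out[s] for s in out if s in by_out}
    peer_cids = {by_in[s] for s in inb if s in by_in}
    if local_cids and peer_cids and local_cids != peer_cids:
        findings.append(f"split: local sends on CHILD_SA {sorted(local_cids)}, "
                        f"peer sends on CHILD_SA {sorted(peer_cids)}")
    return findings


if __name__ == "__main__":
    for f in find_split_sas(STATUSALL, TCPDUMP_TRACE, "192.168.57.9"):
        print(f)
```

<div>Against the post's data the script reports two findings: two INSTALLED CHILD_SAs ({338} and {454}) for 10.57.11.9/32 === 10.22.11.9/32, and the split where the local side transmits on {454} (f9029d40_o) while the peer transmits on {338} (c2088c97_i). Note that the inbound SPI 0xc2088c97 does appear as installed in the statusall output, so from this data alone the drop cannot be attributed to a missing kernel SA; running the script periodically while the problem develops, together with the packet counters per SA, is the natural next step.</div>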
</div></div></body></html>