<div dir="ltr">Hi,<div><br></div><div>Just wondering if i use DH group in esp cipher suite however keep "pfs=no". Then how does Strongswan charon behave?</div><div class="gmail_extra"><br></div><div class="gmail_extra">
We are facing an issue while using strongswan with a Peer Juniper SRX Device.</div><div class="gmail_extra">- On Juniper PFS is disabled for configured CHILD_SA</div><div class="gmail_extra">- On Strongswan as well we have defined "pfs=no". However the esp ciper suite still uses DH group 2. Following is connection configuration:</div>
<div class="gmail_extra"><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> conn CHLD_SA1</p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> ikelifetime=8640s</p>
<p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> keyexchange=ikev2</p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> keyingtries=%forever</p>
<p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> keylife=8640s</p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> <b><span style="color:red;background-color:yellow">pfs=no</span></b></p>
<p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> reauth=no</p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> rekey=yes</p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px">
mobike=no</p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> dpdaction=clear</p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> dpddelay=10</p>
<p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> rekeymargin=320s</p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> ike=aes128-sha1-modp1024,3des-sha1-modp1024!</p>
<p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> esp=3des-sha1-<b>modp1024,</b>aes128-sha1-<b>modp1024!</b></p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px">
authby=rsasig</p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> left=40.40.40.2</p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> leftsubnet=<a href="http://172.18.21.25/32" target="_blank">172.18.21.25/32</a></p>
<p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> right=30.30.30.2</p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> rightsubnet=<a href="http://10.3.4.38/32" target="_blank">10.3.4.38/32</a></p>
<p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> leftprotoport=udp/49152</p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> rightprotoport=udp/49152</p>
<p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> leftid=192.168.255.230</p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> leftcert=/tmp/cert_16bbc8.pem</p>
<p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> rightid=%any</p><p class="MsoNormal" style="font-family:arial,sans-serif;font-size:13px"> auto=add</p></div><div class="gmail_extra">
<br></div><div class="gmail_extra">Now I observe that the SA gets established successfully. However the first Rekey attempt made by Strongswan is rejected by Juniper SRX with error "No Proposal Chosen".</div><div class="gmail_extra">
I am just wondering that could it be because we have kept DH2 group proposal in esp ciper suite, wheres on peer pfs is disabled?</div><div class="gmail_extra">However if this is true, then i am wondering what is the purpose of the parameter "pfs=no". Doesn't strongswan internally handle sending correct proposal while rekeying child SA with "pfs=no" </div>
<div class="gmail_extra"><br></div><div class="gmail_extra">Would appreciate your help in sorting this out.</div><div class="gmail_extra"><br></div><div class="gmail_extra">Thanks and Regards,</div><div class="gmail_extra">
Sajal<br><br><div class="gmail_quote">On Tue, Mar 11, 2014 at 8:14 PM, Tobias Brunner <span dir="ltr"><<a href="mailto:tobias@strongswan.org" target="_blank">tobias@strongswan.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
Hi Arun,<br>
<br>
The pfs option has no effect on IKEv2 connections. It's an option used<br>
by the legacy IKEv1 daemon pluto, where it only affected Quick Mode SAs<br>
because ISAKMP SAs are always reestablished from scratch, so there<br>
always is a DH exchange.<br>
<br>
IKEv2 does support inline rekeying of IKE_SAs (reauth=no, rekey=yes) and<br>
there is always a DH exchange when doing so (see [1]). To do a DH<br>
exchange when rekeying CHILD_SAs with IKEv2 (or IKEv1 since 5.x) you<br>
have to configure at least one DH group in the esp cipher suite as you<br>
already have in your config.<br>
<br>
Regards,<br>
Tobias<br>
<br>
[1] <a href="http://tools.ietf.org/html/rfc5996#section-2.18" target="_blank">http://tools.ietf.org/html/rfc5996#section-2.18</a><br>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.strongswan.org">Users@lists.strongswan.org</a><br>
<a href="https://lists.strongswan.org/mailman/listinfo/users" target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a><br>
</blockquote></div><br></div></div>