[strongSwan] No acceptable DIFFIE_HELLMAN_GROUP found

William Greene wgreene9617 at yahoo.com
Mon Nov 15 16:01:16 CET 2010



Thank you Andreas for your quick reply.  Your suggestion did do something as I'm 
getting a different error now: TS_UNACCEPTABLE.    I've been unable to glean 
anything so far from the mailing list concerning this error and a host to host 
setup such as mine.  I'm including some more log information.  

Thanks again in advance for comments or suggestions anyone may have.



[root at KAP8 etc]# ipsec up testipsec
initiating IKE_SA testipsec[3] to 10.168.65.1
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
sending packet: from 10.168.80.8[500] to 10.168.65.1[500]
received packet: from 10.168.65.1[500] to 10.168.80.8[500]
parsed IKE_SA_INIT response 0 [ N(COOKIE) ]
initiating IKE_SA testipsec[3] to 10.168.65.1
generating IKE_SA_INIT request 0 [ N(COOKIE) SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
sending packet: from 10.168.80.8[500] to 10.168.65.1[500]
received packet: from 10.168.65.1[500] to 10.168.80.8[500]
parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ ]
received cert request for unknown ca with keyid 00:00:00:00:00:00:00:02:00:14:00:00:10:04:d9:b8:10:04:d9:b8
authentication of '10.168.80.8' (myself) with pre-shared key
establishing CHILD_SA testipsec
generating IKE_AUTH request 1 [ IDi IDr AUTH N(USE_TRANSP) SA TSi TSr N(EAP_ONLY) ]
sending packet: from 10.168.80.8[500] to 10.168.65.1[500]
received packet: from 10.168.65.1[500] to 10.168.80.8[500]
parsed IKE_AUTH response 1 [ IDr AUTH N(TS_UNACCEPT) ]
authentication of '10.168.65.1' with pre-shared key successful
IKE_SA testipsec[3] established between 10.168.80.8[10.168.80.8]...10.168.65.1[10.168.65.1]
scheduling reauthentication in 3315s
maximum IKE_SA lifetime 3495s
received TS_UNACCEPTABLE notify, no CHILD_SA built
[root at KAP8 etc]# 


From Mocana log:

RECV 832 bytes from 10.168.80.8[500] at 10.168.65.1 (7376.217)
 spi={8562d7f0575052dd 0000000000000000} np=SA
 exchange=IKE_SA_INIT msgid=0 len=832
  <-- R
   Notify: COOKIE
SEND 56 bytes to 10.168.80.8[500] (7376.226)

RECV 860 bytes from 10.168.80.8[500] at 10.168.65.1 (7376.257)
 spi={8562d7f0575052dd 0000000000000000} np=N
 exchange=IKE_SA_INIT msgid=0 len=860
  --> R
   Notify: COOKIE
    Proposal #1: IKE[4]
     ENCR_AES 128-BITS
     AUTH_HMAC_SHA1_96
     PRF_HMAC_SHA1
     DH_14

==> ../Log/kern.log <==
Nov 15 14:40:40 cep kernel: 0:ipsec_ioctl[638]: 0:cmd = 0x3eb, value = 
0x040432000:

==> ../Log/nanosec-ike.log <==
   Notify: NAT_DETECTION_SOURCE_IP
   Notify: NAT_DETECTION_DESTINATION_IP
    SKEYSEED (20 bytes): 88aa0565daa02dff1febbbc10db446c589d3b0cb
    SK_d (20 bytes): 26d9261618cce7954e12fc0dce541570b9bbb918
    SK_ai (20 bytes): b86be01177a21425d8fc201a906af39f4f440ebf
    SK_ar (20 bytes): 0c439701fa8c24baa96702135e1a440df477066d
    SK_ei (16 bytes): a776670d396e0c025b53f22600bbd3a1
    SK_er (16 bytes): ac5e03572862a9b79fae695b5f908186
    SK_pi (20 bytes): 65f4333cfbf0dbff972b45f08cc67ff2dd0e1f9b
    SK_pr (20 bytes): 11d33c98f572ee0e700ddf72252dda67cd86913e
  <-- R
   NAT_D (us): 6c 9e 3c b8 79 6a a9 3e a5 51 9b 39 f6 96 0f fa 
35 01 c5 53 
   NAT_D (peer): d5 55 de cb 72 4c d6 42 b3 55 31 b1 af e6 b5 17 
3e ea aa ec 
SEND 441 bytes to 10.168.80.8[500] (7379.93)

RECV 252 bytes from 10.168.80.8[500] at 10.168.65.1 (7379.128)
 spi={8562d7f0575052dd 382c78998f61cd73} np=E{IDi}
 exchange=IKE_AUTH msgid=1 len=252
  --> R
   Notify: USE_TRANSPORT_MODE
   TSi: 10.168.80.8
   TSr: 10.168.65.1
   Notify: 16417
    prf(SK_pi,IDi') (20 bytes): 45ed7f17efa2d727ac3f0416ccd83493977c8676
    prf(SS,"*") (20 bytes): 6a3dc0ae9834bef9e35ebac3ac23f02f78c5f93b
   AUTH_i 91 19 66 53 b1 0e 98 5d 00 9b 56 c3 60 43 ba ff 
99 79 d1 ff 
    Proposal #1: ESP[2] spi=c9b5ce4d
     ENCR_AES_GCM_16 256-BITS
     ESN_0
  <-- R
    prf(SK_pr,IDr') (20 bytes): d1d6c3d9ee6e3273d0d4ab9580a7e2e0935840c6
    prf(SS,"*") (20 bytes): 6a3dc0ae9834bef9e35ebac3ac23f02f78c5f93b
   AUTH_r f6 a0 7c e5 dd 18 4b be c9 dc 06 de c7 c7 41 2d 
da 22 88 bc 
   Notify: TS_UNACCEPTABLE (ESP spi=c9b5ce4d)
SEND 124 bytes to 10.168.80.8[500] (7379.182)
 IKE_SA Created [v2 R](id=0xbd946a9e)
  CHILD_SA failed [v2 R], status = -8855



[root at KAP8 etc]# cat ipsec.conf
# ipsec.conf - strongSwan IPsec configuration file

# basic configuration

config setup
    # plutodebug=all
    # crlcheckinterval=600
    # strictcrlpolicy=yes
    # cachecrls=yes
    # nat_traversal=yes
    # charonstart=no
    plutostart=no

# Add connections here.

conn %default
    ikelifetime=60m
    keylife=20m
    rekeymargin=3m
    keyingtries=1
    mobike=no
    authby=secret
    keyexchange=ikev2
    #ike=aes256-sha256-ecp256,aes128-sha256-ecp256!
    #esp=aes256gcm16,aes128gcm16!
    esp=aes256gcm16-modp1024-modp2048,aes128gcm16-modp1024-modp2048!

conn testipsec
    type=transport
    left=10.168.80.8
    #leftprotoport=icmp
    #leftid=kap
    right=10.168.65.1
    #rightprotoport=icmp
    #rightid=cep
    auto=add



________________________________
From: Andreas Steffen <andreas.steffen at strongswan.org>
To: William Greene <wgreene9617 at yahoo.com>
Cc: users at lists.strongswan.org
Sent: Sat, November 13, 2010 12:44:15 PM
Subject: Re: [strongSwan] No acceptable DIFFIE_HELLMAN_GROUP found

Hello Bill,

it seems that the Mocana client wants to do Perfect Forward Secrecy
(PFS) in the CHILD_SA but strongSwan hasn't enabled PFS:

esp=aes256gcm16,aes128gcm16!

Try

esp=aes256gcm16-modp1024-modp2048,aes128gcm16-modp1024-modp2048!

Regards

Andreas

On 11/13/2010 04:16 PM, William Greene wrote:
>
> I am perplexed. It looks to me like both sides could agree on a proposal
> but do not for some reason. I'm trying to set up an ipsec connection
> between StrongSwan on CentOS linux and a Mocana stack implementation on
> an embedded Linux device. I'm new to StrongSwan and if anyone can
> provide some guidance or suggestions, I'd be mucho appreciative. I've
> attached some relevant information below.
>
> Thanks in advance,
> Bill
>
>
> Nov 12 16:50:17 13[ENC] found payload of type TRAFFIC_SELECTOR_RESPONDER
> Nov 12 16:50:17 13[ENC] parsed CREATE_CHILD_SA request 13 [
> N(USE_TRANSP) SA No KE TSi TSr ]
> Nov 12 16:50:17 13[LIB] size of DH secret exponent: 1023 bits
> Nov 12 16:50:17 13[CFG] looking for a child config for
> 10.168.80.8/32[icmp] === 10.168.65.1/32[icmp]
> Nov 12 16:50:17 13[CFG] proposing traffic selectors for us:
> Nov 12 16:50:17 13[CFG] 10.168.80.8/32 (derived from dynamic)
> Nov 12 16:50:17 13[CFG] proposing traffic selectors for other:
> Nov 12 16:50:17 13[CFG] 10.168.65.1/32 (derived from dynamic)
> Nov 12 16:50:17 13[CFG] candidate "testipsec" with prio 1+1
> Nov 12 16:50:17 13[CFG] found matching child config "testipsec" with prio 2
> Nov 12 16:50:17 13[CFG] selecting proposal:
> Nov 12 16:50:17 13[CFG] no acceptable DIFFIE_HELLMAN_GROUP found
> Nov 12 16:50:17 13[CFG] selecting proposal:
> Nov 12 16:50:17 13[CFG] no acceptable DIFFIE_HELLMAN_GROUP found
> Nov 12 16:50:17 13[CFG] received proposals:
> ESP:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/HMAC_SHA2_256_128/MODP_1024/MODP_768/MODP_1536/MODP_2048/MODP_NONE/NO_EXT_SEQ
> Nov 12 16:50:17 13[CFG] configured proposals:
> ESP:AES_GCM_16_256/NO_EXT_SEQ, ESP:AES_GCM_16_128/NO_EXT_SEQ
> Nov 12 16:50:17 13[IKE] no acceptable proposal found
> Nov 12 16:50:17 13[ENC] added payload of type NOTIFY to message
> Nov 12 16:50:17 13[ENC] added payload of type NOTIFY to message
> Nov 12 16:50:17 13[ENC] generating CREATE_CHILD_SA response 13 [
> N(NO_PROP) ]
> Nov 12 16:50:17 13[ENC] insert payload NOTIFY to encryption payload
> Nov 12 16:50:17 13[ENC] generating payload of type HEADER
>
>
> [root at KAP8 etc]# ipsec statusall
> Status of IKEv2 charon daemon (strongSwan 4.5.0):
> uptime: 4 minutes, since Nov 12 16:48:36 2010
> malloc: sbrk 253952, mmap 0, used 175408, free 78544
> worker threads: 9 idle of 16, job queue load: 0, scheduled events: 2
> loaded plugins: aes des sha1 sha2 md5 random x509 revocation pubkey
> pkcs1 pgp pem openssl gcrypt fips-prf gmp xcbc hmac gcm attr
> kernel-netlink resolve socket-raw stroke updown
> Listening IP addresses:
> 10.168.80.8
> 2005:a8::21e:c9ff:feff:124
> 2004:a8::21e:c9ff:feff:124
> Connections:
> testipsec: 10.168.80.8...10.168.65.1
> testipsec: local: [10.168.80.8] uses pre-shared key authentication
> testipsec: remote: [10.168.65.1] uses any authentication
> testipsec: child: dynamic === dynamic
> Security Associations:
> testipsec[1]: ESTABLISHED 3 minutes ago,
> 10.168.80.8[10.168.80.8]...10.168.65.1[10.168.65.1]
> testipsec[1]: IKE SPIs: 94ffc82723b04b1b_i* 07df56bf80bfe16f_r,
> pre-shared key reauthentication in 52 minutes
> testipsec[1]: IKE proposal: AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
> [root at KAP8 etc]#
> [root at KAP8 etc]#
> [root at KAP8 etc]#
> [root at KAP8 etc]# ipsec listall
>
> List of registered IKEv2 Algorithms:
>
> encryption: AES_CBC 3DES_CBC DES_CBC DES_ECB CAMELLIA_CBC RC5_CBC
> IDEA_CBC CAST_CBC BLOWFISH_CBC NULL AES_CTR CAMELLIA_CTR SERPENT_CBC
> TWOFISH_CBC
> integrity: AES_XCBC_96 CAMELLIA_XCBC_96 HMAC_SHA1_96 HMAC_SHA1_128
> HMAC_SHA1_160 HMAC_SHA2_256_128 HMAC_SHA2_256_256 HMAC_MD5_96
> HMAC_MD5_128 HMAC_SHA2_384_192 HMAC_SHA2_384_384 HMAC_SHA2_512_256
> aead: AES_GCM_8 AES_GCM_12 AES_GCM_16
> hasher: HASH_SHA1 HASH_SHA224 HASH_SHA256 HASH_SHA384 HASH_SHA512
> HASH_MD5 HASH_MD2 HASH_MD4
> prf: PRF_KEYED_SHA1 PRF_FIPS_SHA1_160 PRF_AES128_XCBC
> PRF_CAMELLIA128_XCBC PRF_HMAC_SHA2_256 PRF_HMAC_SHA1 PRF_HMAC_MD5
> PRF_HMAC_SHA2_384 PRF_HMAC_SHA2_512
> dh-group: MODP_2048 MODP_2048_224 MODP_2048_256 MODP_1536 ECP_256
> ECP_384 ECP_521 ECP_224 ECP_192 MODP_3072 MODP_4096 MODP_6144 MODP_8192
> MODP_1024 MODP_1024_160 MODP_768 MODP_CUSTOM
> [root at KAP8 etc]#
>
>
> [root at KAP8 etc]# cat ipsec.conf
> # ipsec.conf - strongSwan IPsec configuration file
>
> # basic configuration
>
> config setup
>     # plutodebug=all
>     # crlcheckinterval=600
>     # strictcrlpolicy=yes
>     # cachecrls=yes
>     # nat_traversal=yes
>     # charonstart=no
>     plutostart=no
>
> # Add connections here.
>
> conn %default
>     ikelifetime=60m
>     keylife=20m
>     rekeymargin=3m
>     keyingtries=1
>     mobike=no
>     authby=secret
>     keyexchange=ikev2
>     #ike=aes256-sha256-ecp256,aes128-sha256-ecp256!
>     esp=aes256gcm16,aes128gcm16!
>
> conn testipsec
>     type=transport
>     left=10.168.80.8
>     #leftprotoport=icmp
>     #leftid=kap
>     right=10.168.65.1
>     #rightprotoport=icmp
>     #rightid=cep
>     auto=add
> [root at KAP8 etc]#
>
> [root at KAP8 etc]# ipsec version
> Linux strongSwan U4.5.0/K2.6.36-1
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil, Switzerland
> See 'ipsec --copyright' for copyright information.
> [root at KAP8 etc]#
> [root at KAP8 etc]# openssl version
> OpenSSL 0.9.8n 24 Mar 2010
> [root at KAP8 etc]#

======================================================================
Andreas Steffen                        andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
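
The proposal mismatch discussed in this thread, as an added example that is not part of the original messages and is not strongSwan code. It is a simplified model of per-transform-type matching, run over the "received proposals" and "configured proposals" lines from the quoted charon log. Assumptions: a type is acceptable when both sides list nothing or share an algorithm, integrity is skipped for AEAD ciphers (both chosen to reproduce the quoted log), and CONFIGURED_AFTER is a constructed rendering of the suggested esp= line in the log's notation.

```python
import re

# Proposal strings from the charon log quoted in this thread, except
# CONFIGURED_AFTER, which is constructed from the suggested esp= line.
RECEIVED = ("ESP:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/HMAC_SHA2_256_128/"
            "MODP_1024/MODP_768/MODP_1536/MODP_2048/MODP_NONE/NO_EXT_SEQ")
CONFIGURED_BEFORE = "ESP:AES_GCM_16_256/NO_EXT_SEQ, ESP:AES_GCM_16_128/NO_EXT_SEQ"
CONFIGURED_AFTER = ("ESP:AES_GCM_16_256/MODP_1024/MODP_2048/NO_EXT_SEQ, "
                    "ESP:AES_GCM_16_128/MODP_1024/MODP_2048/NO_EXT_SEQ")
ORDER = ("ENCRYPTION_ALGORITHM", "INTEGRITY_ALGORITHM",
         "DIFFIE_HELLMAN_GROUP", "EXTENDED_SEQUENCE_NUMBERS")

def transform_type(name):
    """Classify a log token by its prefix (hypothetical helper)."""
    if name in ("NO_EXT_SEQ", "EXT_SEQ"):
        return "EXTENDED_SEQUENCE_NUMBERS"
    if name.startswith(("MODP_", "ECP_")):
        return "DIFFIE_HELLMAN_GROUP"
    if name.startswith("HMAC_") or "XCBC" in name:
        return "INTEGRITY_ALGORITHM"
    return "ENCRYPTION_ALGORITHM"

def parse(line):
    """Split 'ESP:a/b, ESP:c/d' into one {type: [algorithms]} dict per proposal."""
    proposals = []
    for item in re.split(r",\s*", line.strip()):
        algos = item.partition(":")[2]
        prop = {t: [] for t in ORDER}
        for name in algos.split("/"):
            prop[transform_type(name)].append(name)
        proposals.append(prop)
    return proposals

def select(configured, received):
    """Return (chosen, None), or (None, first transform type without a match)."""
    chosen = {}
    for t in ORDER:
        aead = re.search(r"_(GCM|CCM)_", chosen.get("ENCRYPTION_ALGORITHM", ""))
        if t == "INTEGRITY_ALGORITHM" and aead:
            continue                      # assumption: AEAD needs no integrity
        if not configured[t] and not received[t]:
            continue                      # neither side lists this type
        common = [a for a in configured[t] if a in received[t]]
        if not common:                    # MODP_NONE does not match an empty list
            return None, t
        chosen[t] = common[0]
    return chosen, None

def negotiate(configured_line, received_line):
    """Try every configured proposal against every received proposal."""
    return [select(c, r) for r in parse(received_line) for c in parse(configured_line)]
```
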



      