[strongSwan] strongswan 4.3.6 IKEv1 not working for 3des-sha1

Andreas Steffen andreas.steffen at strongswan.org
Wed Nov 17 13:52:01 CET 2010


Ok, since apparently the MD5-based Vendor IDs are also
partially faulty, I recommend enabling the crypto test
vectors on both ends:

http://wiki.strongswan.org/projects/strongswan/wiki/CryptoTest

Regards

Andreas

On 17.11.2010 12:22, anand rao wrote:
> Hi Andreas,
> 
>    I am running strongSwan 4.3.6 on both sides.
> The output of ipsec --version on both hosts shows the same version:
> 
> root@OpenWrt:/# ipsec --version
> Linux strongSwan U4.3.6/K2.6.33.5
> 
> Output of ipsec listalgs:
> 
> root@OpenWrt:/# ipsec listalgs
> 000
> 000 List of registered IKEv1 Algorithms:
> 000
> 000   encryption: BLOWFISH_CBC 3DES_CBC AES_CBC CAMELLIA_CBC
> 000   integrity:  HMAC_MD5 HMAC_SHA1 HMAC_SHA2_256 HMAC_SHA2_384 HMAC_SHA2_512
> 000   dh-group:   MODP_1024 MODP_1536 MODP_2048 MODP_3072 MODP_4096 MODP_6144 MODP_8192 ECP_256 ECP_384 ECP_521 ECP_192 ECP_224
> 000
> 000 List of registered ESP Algorithms:
> 000
> 000   encryption: DES_CBC 3DES_CBC NULL AES_CBC AES_CCM_8 AES_CCM_12 AES_CCM_16 AES_GCM_8 AES_GCM_12 AES_GCM_16
> 000   integrity:  HMAC_MD5 HMAC_SHA1 HMAC_SHA2_256 NULL HMAC_SHA2_256_96
> 
> List of registered IKEv2 Algorithms:
> 
>   encryption: BLOWFISH_CBC AES_CBC CAMELLIA_CBC 3DES_CBC RC5_CBC IDEA_CBC CAST_CBC DES_CBC DES_ECB NULL
>   integrity:  AES_XCBC_96 HMAC_SHA1_96 HMAC_SHA1_128 HMAC_SHA1_160 HMAC_SHA2_256_128 HMAC_MD5_96 HMAC_MD5_128 HMAC_SHA2_384_192 HMAC_SHA2_512_256
>   hasher:     HASH_SHA1 HASH_MD2 HASH_MD4 HASH_MD5 HASH_SHA224 HASH_SHA256 HASH_SHA384 HASH_SHA512
>   prf:        PRF_AES128_XCBC PRF_HMAC_SHA2_256 PRF_HMAC_SHA1 PRF_HMAC_MD5 PRF_HMAC_SHA2_384 PRF_HMAC_SHA2_512
>   dh-group:   MODP_2048 MODP_1536 ECP_256 ECP_384 ECP_521 ECP_224 ECP_192 MODP_3072 MODP_4096 MODP_6144 MODP_8192 MODP_1024 MODP_768
> 
> 
> The output confirms that both sides are loaded with 3DES_CBC.
> 
> The pre-shared secret configured on both hosts is the same. The same setup
> works for AES.
> 
> The same setup works perfectly for IKEv2, even for 3DES :(
> I am facing issues only for IKEv1.
> 
> Thanks
> -Anand
> 
> 
> 
> ----- Original Message ----
> From: Andreas Steffen <andreas.steffen at strongswan.org>
> To: anand rao <anandrao_me at yahoo.co.in>
> Cc: users at lists.strongswan.org
> Sent: Wed, November 17, 2010 4:24:59 PM
> Subject: Re: [strongSwan] strongswan 4.3.6 IKEv1 not working for 3des-sha1
> 
> Hi Anand,
> 
> I doubt that you are running strongSwan 4.3.6 on both sides
> because the peer sends some Vendor IDs which pluto does not
> recognize ;-)
> 
> Pluto cannot decrypt the first encrypted IKE message. This
> usually means that either the Pre-Shared Secrets configured
> by each side are not equal (you write that you successfully tested
> the same setup using AES, though) or the peer side does not
> implement 3DES or the key derivation correctly.
> 
> Regards
> 
> Andreas
> 
> On 17.11.2010 10:25, anand rao wrote:
>> Hi,
>>
>>    I am trying to establish a tunnel in transport mode between two hosts. I am
>> using strongSwan 4.3.6 on both sides.
>> When I use the default configuration or the AES algorithm, the tunnel
>> establishes successfully.
>> But if I use the 3DES algorithm (ike=3des-sha1-modp1536) I am getting the
>> following errors.
>>
>>
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | *received 232 bytes from 1.1.1.2:500 on eth0
>> Nov 17 14:40:21 (none) authpriv.warn pluto[8536]: packet from 1.1.1.2:500: ignoring Vendor ID payload [882fe56d6fd20dbc2251613b2ebe5beb]
>> Nov 17 14:40:21 (none) authpriv.warn pluto[8536]: packet from 1.1.1.2:500: received Vendor ID payload [XAUTH]
>> Nov 17 14:40:21 (none) authpriv.warn pluto[8536]: packet from 1.1.1.2:500: received Vendor ID payload [Dead Peer Detection]
>> Nov 17 14:40:21 (none) authpriv.warn pluto[8536]: packet from 1.1.1.2:500: ignoring Vendor ID payload [4a131c81070358455c5728f20e95452f]
>> Nov 17 14:40:21 (none) authpriv.warn pluto[8536]: packet from 1.1.1.2:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
>> Nov 17 14:40:21 (none) authpriv.warn pluto[8536]: packet from 1.1.1.2:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
>> Nov 17 14:40:21 (none) authpriv.warn pluto[8536]: packet from 1.1.1.2:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
>> Nov 17 14:40:21 (none) authpriv.warn pluto[8536]: packet from 1.1.1.2:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | preparse_isakmp_policy: peer requests PSK authentication
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | creating state object #1 at 0x939c8
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | ICOOKIE:  5c 2c bf f7  e4 88 0e c3
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | RCOOKIE:  6b bb 02 cc  01 d1 98 03
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | peer:  01 01 01 02
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | state hash entry 27
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #1
>> Nov 17 14:40:21 (none) authpriv.warn pluto[8536]: "example" #1: responding to Main Mode
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | next event EVENT_RETRANSMIT in 10 seconds for #1
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: |
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | *received 244 bytes from 1.1.1.2:500 on eth0
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | ICOOKIE:  5c 2c bf f7  e4 88 0e c3
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | RCOOKIE:  6b bb 02 cc  01 d1 98 03
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | peer:  01 01 01 02
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | state hash entry 27
>> Nov 17 14:40:21 (none) authpriv.debug pluto[8536]: | state object #1 found, in STATE_MAIN_R1
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | next event EVENT_RETRANSMIT in 10 seconds for #1
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: |
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | *received 68 bytes from 1.1.1.2:500 on eth0
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | ICOOKIE:  5c 2c bf f7  e4 88 0e c3
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | RCOOKIE:  6b bb 02 cc  01 d1 98 03
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | peer:  01 01 01 02
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | state hash entry 27
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | state object #1 found, in STATE_MAIN_R2
>> Nov 17 14:40:22 (none) authpriv.warn pluto[8536]: "example" #1: Peer ID is ID_IPV4_ADDR: '1.1.1.2'
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | peer CA:      %none
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | current connection is a full match -- no need to look further
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | offered CA:   %none
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | inserting event EVENT_SA_REPLACE, timeout in 3510 seconds for #1
>> Nov 17 14:40:22 (none) authpriv.warn pluto[8536]: "example" #1: sent MR3, ISAKMP SA established
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | next event EVENT_SA_REPLACE in 3510 seconds for #1
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: |
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | *received 124 bytes from 1.1.1.2:500 on eth0
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | ICOOKIE:  5c 2c bf f7  e4 88 0e c3
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | RCOOKIE:  6b bb 02 cc  01 d1 98 03
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | peer:  01 01 01 02
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | state hash entry 27
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | state object not found
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | ICOOKIE:  5c 2c bf f7  e4 88 0e c3
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | RCOOKIE:  6b bb 02 cc  01 d1 98 03
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | peer:  01 01 01 02
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | state hash entry 27
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | state object #1 found, in STATE_MAIN_R3
>> Nov 17 14:40:22 (none) authpriv.warn pluto[8536]: "example" #1: next payload type of ISAKMP Hash Payload has an unknown value: 54
>> Nov 17 14:40:22 (none) authpriv.warn pluto[8536]: "example" #1: malformed payload in packet
>> Nov 17 14:40:22 (none) authpriv.warn pluto[8536]: "example" #1: sending encrypted notification PAYLOAD_MALFORMED to 1.1.1.2:500
>> Nov 17 14:40:22 (none) authpriv.debug pluto[8536]: | next event EVENT_SA_REPLACE in 3510 seconds for #1
>> Nov 17 14:40:32 (none) authpriv.debug pluto[8536]: |
>> Nov 17 14:40:32 (none) authpriv.debug pluto[8536]: | *received 124 bytes from 1.1.1.2:500 on eth0
>> Nov 17 14:40:32 (none) authpriv.debug pluto[8536]: | ICOOKIE:  5c 2c bf f7  e4 88 0e c3
>> Nov 17 14:40:32 (none) authpriv.debug pluto[8536]: | RCOOKIE:  6b bb 02 cc  01 d1 98 03
>> Nov 17 14:40:32 (none) authpriv.debug pluto[8536]: | peer:  01 01 01 02
>> Nov 17 14:40:32 (none) authpriv.debug pluto[8536]: | state hash entry 27
>> Nov 17 14:40:32 (none) authpriv.debug pluto[8536]: | state object not found
>> Nov 17 14:40:32 (none) authpriv.debug pluto[8536]: | ICOOKIE:  5c 2c bf f7  e4 88 0e c3
>> Nov 17 14:40:32 (none) authpriv.debug pluto[8536]: | RCOOKIE:  6b bb 02 cc  01 d1 98 03
>> Nov 17 14:40:32 (none) authpriv.debug pluto[8536]: | peer:  01 01 01 02
>> Nov 17 14:40:32 (none) authpriv.debug pluto[8536]: | state hash entry 27
>> Nov 17 14:40:32 (none) authpriv.debug pluto[8536]: | state object #1 found, in STATE_MAIN_R3
>> Nov 17 14:40:32 (none) authpriv.warn pluto[8536]: "example" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x7e1eb13a (perhaps this is a duplicated packet)
>> Nov 17 14:40:32 (none) authpriv.warn pluto[8536]: "example" #1: sending encrypted notification INVALID_MESSAGE_ID to 1.1.1.2:500
>> Nov 17 14:40:32 (none) authpriv.debug pluto[8536]: | next event EVENT_SA_REPLACE in 3500 seconds for #1
>> Nov 17 14:40:38 (none) cron.warn crond[4854]: time disparity of 21500077 minutes detected
>> Nov 17 14:40:52 (none) authpriv.debug pluto[8536]: |
>> Nov 17 14:40:52 (none) authpriv.debug pluto[8536]: | *received 124 bytes from 1.1.1.2:500 on eth0
>> Nov 17 14:40:52 (none) authpriv.debug pluto[8536]: | ICOOKIE:  5c 2c bf f7  e4 88 0e c3
>> Nov 17 14:40:52 (none) authpriv.debug pluto[8536]: | RCOOKIE:  6b bb 02 cc  01 d1 98 03
>> Nov 17 14:40:52 (none) authpriv.debug pluto[8536]: | peer:  01 01 01 02
>> Nov 17 14:40:52 (none) authpriv.debug pluto[8536]: | state hash entry 27
>> Nov 17 14:40:52 (none) authpriv.debug pluto[8536]: | state object not found
>> Nov 17 14:40:52 (none) authpriv.debug pluto[8536]: | ICOOKIE:  5c 2c bf f7  e4 88 0e c3
>> Nov 17 14:40:52 (none) authpriv.debug pluto[8536]: | RCOOKIE:  6b bb 02 cc  01 d1 98 03
>> Nov 17 14:40:52 (none) authpriv.debug pluto[8536]: | peer:  01 01 01 02
>> Nov 17 14:40:52 (none) authpriv.debug pluto[8536]: | state hash entry 27
>> Nov 17 14:40:52 (none) authpriv.debug pluto[8536]: | state object #1 found, in STATE_MAIN_R3
>> Nov 17 14:40:52 (none) authpriv.warn pluto[8536]: "example" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x7e1eb13a (perhaps this is a duplicated packet)
>> Nov 17 14:40:52 (none) authpriv.warn pluto[8536]: "example" #1: sending encrypted notification INVALID_MESSAGE_ID to 1.1.1.2:500
>> Nov 17 14:40:52 (none) authpriv.debug pluto[8536]: | next event EVENT_SA_REPLACE in 3480 seconds for #1
>>
>> From the log I wasn't able to understand anything. Please help.
>>
>> Thanks
>> -Anand

======================================================================
Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
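
Added example (not part of the original thread and not strongSwan code): the reply names the peer's key derivation as one possible fault, so this sketch follows RFC 2409 from the pre-shared secret to the IKEv1 cipher key. With HMAC-SHA1 as the prf (20-byte output), a 24-byte 3DES key needs the Appendix B expansion while a 16-byte AES-128 key does not. The PSK, nonces and g^xy are constructed, the cookies are the ones in the log, and faulty_cipher_key is a hypothetical broken peer, not a diagnosis of this case.

```python
import hashlib
import hmac

def prf(key: bytes, data: bytes) -> bytes:
    """IKEv1 prf for a '-sha1' proposal: HMAC-SHA1, 20-byte output."""
    return hmac.new(key, data, hashlib.sha1).digest()

def derive_skeyid_e(psk, ni, nr, g_xy, cky_i, cky_r) -> bytes:
    """RFC 2409 section 5, pre-shared-key authentication."""
    skeyid = prf(psk, ni + nr)
    tail = g_xy + cky_i + cky_r
    skeyid_d = prf(skeyid, tail + b"\x00")
    skeyid_a = prf(skeyid, skeyid_d + tail + b"\x01")
    return prf(skeyid, skeyid_a + tail + b"\x02")

def ike_cipher_key(skeyid_e: bytes, key_len: int):
    """RFC 2409 Appendix B. Returns (key, expansion_was_needed)."""
    if key_len <= len(skeyid_e):
        return skeyid_e[:key_len], False
    block = prf(skeyid_e, b"\x00")        # K1 = prf(SKEYID_e, 0), one zero octet
    stream = block
    while len(stream) < key_len:
        block = prf(skeyid_e, block)      # Kn = prf(SKEYID_e, Kn-1)
        stream += block
    return stream[:key_len], True

def faulty_cipher_key(skeyid_e: bytes, key_len: int) -> bytes:
    """Hypothetical broken peer (constructed): zero-pads instead of expanding."""
    return skeyid_e[:key_len].ljust(key_len, b"\x00")

# Cookies are the ICOOKIE/RCOOKIE values from the log; the rest is constructed.
CKY_I = bytes.fromhex("5c2cbff7e4880ec3")
CKY_R = bytes.fromhex("6bbb02cc01d19803")
PSK = b"constructed-psk"
NI, NR = bytes(range(16)), bytes(range(16, 32))
G_XY = hashlib.sha256(b"constructed g^xy").digest() * 6  # 192 bytes, as for MODP_1536

def compare(key_len: int):
    """Returns (expansion_needed, both_peers_derive_same_key)."""
    e = derive_skeyid_e(PSK, NI, NR, G_XY, CKY_I, CKY_R)
    good, expanded = ike_cipher_key(e, key_len)
    return expanded, good == faulty_cipher_key(e, key_len)

if __name__ == "__main__":
    for name, key_len in (("AES_CBC, 128-bit key", 16), ("3DES_CBC", 24)):
        print(name, compare(key_len))
```

A peer that gets only the expansion step wrong still agrees on the 16-byte key and disagrees on the 24-byte one, so the first encrypted IKE message decrypts to garbage only in the second case.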



