[strongSwan] strongswan without client certifikate

Noel Kuntze noel at familie-kuntze.de
Sat Dec 6 17:28:37 CET 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello Imran,

The logs liik identical until the android client throws the error. It hink this might be a bug.
Please open a ticket on strongswan.org for that.

Mit freundlichen Grüßen/Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

Am 06.12.2014 um 17:22 schrieb Imran Akbar:
> Of course :)
>
> working config:
> server: http://pastebin.com/U3V88tPN
> client: http://pastebin.com/WMisNGet
>
> not working config with no BYOD libraries:
> server: http://pastebin.com/AAfKaiQC
> client: http://pastebin.com/4QfWVs84
>
> yours,
> imran
>
> On Sat, Dec 6, 2014 at 8:01 AM, Noel Kuntze <noel at familie-kuntze.de <mailto:noel at familie-kuntze.de>> wrote:
>
>
> Hello Imran,
>
> Please send logs of the client and server side.
>
> Mit freundlichen Grüßen/Regards,
> Noel Kuntze
>
> GPG Key ID: 0x63EC6658
> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>
> Am 06.12.2014 um 17:02 schrieb Imran Akbar:
> > Hey Noel,
> >     I understand the security implications, as mentioned here: https://bluebox.com/technical/questioning-the-chain-of-trust-investigations-into-the-root-certificates-on-mobile-devices/
> > But I have no other way to get this working for clients without asking them to run through a long installation process.
>
> > I now have it working, but when I disable BYOD (no libtncss, libtncnif, or libimcv) in the Android client, it no longer works.
> > Any ideas?  I see the messages:
> > 12-06 15:19:41.844    2184-2308/ I/charon﹕ 06[ENC] proposal number smaller than previous
> > 12-06 15:19:41.844    2184-2308/ I/charon﹕ 06[ENC] SECURITY_ASSOCIATION payload verification failed
> > 12-06 15:19:41.844    2184-2308/ I/charon﹕ 06[IKE] message verification failed
> > on the server
> > and on the client, it seems to be stuck generating IKE_SA_INIT instead of IKE_AUTH requests.
>
> > Are those libraries required?
>
> > regards,
> > imran
>
> > On Fri, Dec 5, 2014 at 11:44 AM, Noel Kuntze <noel at familie-kuntze.de <mailto:noel at familie-kuntze.de> <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de>>> wrote:
>
>
> > Hello Imran,
>
> > Using a trusted root CA would mean, that you have to trust a third party with access to your gateway.
> > An attacker could very well be in the network path between the client and the gateway, hence you need
> > to make sure he can't get a valid certificate. Trust between the client and the gateway is created over ...
> > 1) the CN of the DN of the certificate it presents that matches the name the client tries to connect to
> > 2) any SAN value in the certificate that matches the name the client tries to connect to
> > 3) the signature of a trusted third party on the certificate
>
> > Controlling access to the trusted third party's certficate means controlling which certificates get
> > issued. By using another company to issue your server certificate, you trust them to keep you safe.
>
> > Sadly, the CA system has proven to be somewhat untrustworthy, as a lot of hacks of CAs showed.
>
>
> > Mit freundlichen Grüßen/Regards,
> > Noel Kuntze
>
> > GPG Key ID: 0x63EC6658
> > Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>
> > Am 05.12.2014 um 20:39 schrieb Imran Akbar:
> > > Hey Noel,
>
> > > Do you mean using a trusted root CA certificate on Android will allow a MITM attack if someone tries to impersonate our gateway?  But if we restrict clients to only connect to our gateway - and not others signed by the same CA, would that still be an issue?
> > > The VPN itself doesn't have access to any protected resources - which is why I'm not worried about the lack of a PIN code on devices.  It's ease of use that I'm aiming for.
>
> > > yours,
> > > imran
>
> > > On Fri, Dec 5, 2014 at 11:15 AM, Noel Kuntze <noel at familie-kuntze.de <mailto:noel at familie-kuntze.de> <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de>> <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de> <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de>>>> wrote:
>
>
> > > Hello Imran,
>
> > > I strongly recommend NOT doing that, as the clients would then trust any server with a certificate of the CA
> > > and try to authenticate against them with their credentials, which may expose them to attackers.
> > > Also, you should really advise your clients to set up pin code authentication to their phone's home screen, as
> > > an individual getting their hands on on a client's phone would get access to the VPN, if the phone wasn't locked with a code.
>
> > > You might want to use a p12 file then to make this easier. See this website [1] for an example command to create one.
> > > The clients can get it sent by email and they just need to open it and accept the certificates.
> > > I'm sorry for the last email. It seems I experienced a bug with enigmail on Thunderbird.
>
> > > [1] https://wiki.strongswan.org/projects/strongswan/wiki/IOS_(Apple)#PKCS12-file
>
> > > Mit freundlichen Grüßen/Regards,
> > > Noel Kuntze
>
> > > GPG Key ID: 0x63EC6658
> > > Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>
> > > Am 05.12.2014 um 19:53 schrieb Imran Akbar:
> > > > Hey Noel,
>
> > > > thanks for your continued help.
> > > > I generated a self-signed CA on my server and put it into the correct directories.
>
> > > > While I can (and have previously) installed the CA certificate myself on the Android client, I don't want the other users who aren't as tech-savvy to have to do this step.  It also requires them to set up a PIN code for their phone's home screen, which not everyone wants to have to do.
>
> > > > If I used a paid, non-self-signed CA certificate that's tied back to one of the root certificates already installed on Android, would that solve this issue?
>
> > > > regards,
> > > > imran
>
>
>
>
>
> > > > On Fri, Dec 5, 2014 at 10:19 AM, Noel Kuntze <noel at familie-kuntze.de <mailto:noel at familie-kuntze.de> <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de>> <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de> <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de>>> <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de> <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de>> <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de> <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de>>>>> wrote:
>
>
> > > > Hello Imran,
>
> > > > Do you have a CA? You need to have your CA installed on all devices.
>
> > > > Try adding the DNS name you're connecting to in an additional SAN field by adding --san DNSNAME to
> > > > the ipsec pki command used to generate the server certificate.
>
> > > > Mit freundlichen Grüßen/Regards,
> > > > Noel Kuntze
>
> > > > GPG Key ID: 0x63EC6658
> > > > Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>
> > > > Am 05.12.2014 um 19:16 schrieb Imran Akbar:
> > > > > I've gotten past that issue by ensuring I was using the IP when generating the certificates, as in:
> > > > > http://endlessroad1991.blogspot.com/2014/04/setup-ipsec-vpn-on-ec2.html
>
> > > > > but now the client cannot verify the server with the message "verifying gateway authentication failed"
> > > > > and in the client log:
> > > > > "no trusted RSA public key found for 'C=CN, O=strongSwan, CN=54.169.64.53'"
>
> > > > > How can I verify the server without installing its public key on every client, or using a PSK (which the Android client doesn't support)?
>
> > > > > thanks,
> > > > > imran
>
> > > > > On Fri, Dec 5, 2014 at 9:04 AM, Imran Akbar <skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>>> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>>>> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>>> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>>>>>> wrote:
>
> > > > >     When I change the ipsec.conf from:
> > > > >     rightauth=psk
> > > > >     righauth2=eap-mschapv2
>
> > > > >     to:
> > > > >     rightauth=eap-mschapv2
>
> > > > >     the server log now contains:
> > > > >     Dec  5 16:46:34 ip-172-31-26-153 charon: 14[CFG] looking for peer configs matching 172.31.26.153[%any]...172.56.39.247[app]
> > > > >     Dec  5 16:46:34 ip-172-31-26-153 charon: 14[CFG] selected peer config 'android'
> > > > >     Dec  5 16:46:34 ip-172-31-26-153 charon: 14[IKE] initiating EAP_IDENTITY method (id 0x00)
> > > > >     Dec  5 16:46:34 ip-172-31-26-153 charon: 14[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
> > > > >     Dec  5 16:46:34 ip-172-31-26-153 charon: 14[IKE] peer supports MOBIKE
> > > > >     Dec  5 16:46:34 ip-172-31-26-153 charon: 14[CFG] no IDr configured, fall back on IP address
> > > > >     Dec  5 16:46:34 ip-172-31-26-153 charon: 14[IKE] authentication of '172.31.26.153' (myself) with pre-shared key
> > > > >     Dec  5 16:46:34 ip-172-31-26-153 charon: 14[ENC] generating IKE_AUTH response 1 [ IDr AUTH EAP/REQ/ID ]
> > > > >     Dec  5 16:46:34 ip-172-31-26-153 charon: 14[NET] sending packet: from 172.31.26.153[4500] to 172.56.39.247[63277] (124 bytes)
> > > > >     Dec  5 16:46:34 ip-172-31-26-153 charon: 15[NET] received packet: from 172.56.39.247[63277] to 172.31.26.153[4500] (76 bytes)
> > > > >     Dec  5 16:46:34 ip-172-31-26-153 charon: 15[ENC] parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
>
> > > > >     and I get a different error message in the client log:
> > > > >     no shared key found for 'app'
>
> > > > >     As I was never prompted for the PSK in the app, I'm guessing the Android client doesn't support it?
> > > > >     Therefore, the only way to get this working is for the server to authenticate with a certificate, it seems.
> > > > >     Which isn't working, as it's not parsing my private key properly.
>
> > > > >     thanks,
> > > > >     imran
>
> > > > >     On Fri, Dec 5, 2014 at 8:41 AM, Imran Akbar <skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>>> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>>>> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>>> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com> <mailto:skunkwerk at gmail.com <mailto:skunkwerk at gmail.com>>>>>> wrote:
>
> > > > >         Hey Thomas,
>
> > > > >         Here's my latest attempt to get a setup working without requiring client certificates.
>
> > > > >         Client is Strongswan Android, server is running Strongswan 5.2.2 on a fresh Ubuntu 14 server on EC2 with UDP ports 500 and 4500 opened.
> > > > >         Client is connecting via IKEv2 username/password.
>
> > > > >         Is PSK the same as the "EAP username/password" option in the Strongswan android client?  I have a feeling it's not, ie this config will not work for EAP-MSCHAPv2: http://www.strongswan.org/uml/testresults/ikev2/rw-psk-ipv4/
>
> > > > >         But there's no documentation on a version of this one without the gateway authenticating via a RSA key:
> > > > >         http://www.strongswan.org/uml/testresults/ikev2/rw-eap-mschapv2-id-rsa/
>
> > > > >         I've tried with the gateway authenticating itself using a certificate, and with PSK - both have the same error:
> > > > >         *"peer requested EAP, config inacceptable"*
>
> > > > >         In addition, the gateway seems unable to parse my private server key:
> > > > >         *building CRED_PRIVATE_KEY - RSA failed*, tried 5 builders
> > > > >         Dec  5 16:15:13 ip-172-31-26-153 charon: 00[CFG]   loading private key from '/etc/ipsec.d/private/serverKey.pem' failed
> > > > >         even though I see openssl, pkcs1, and pem in my plugins - though I'm not sure which ones weren't loaded, as it doesn't say in the log.
>
> > > > >         attempt 1 - with gateway using public key:
> > > > >         ipsec.conf: https://pastee.org/z8234
> > > > >         ipsec.secrets: https://pastee.org/mva6t
> > > > >         server log: https://pastee.org/t2ahc
>
> > > > >         attempt 2 - with gateway using PSK:
> > > > >         ipsec.conf: https://pastee.org/f4fbp
> > > > >         ipsec.secrets: https://pastee.org/mva6t
> > > > >         server log: https://pastee.org/6yd8q
>
> > > > >         Can someone please help?
>
> > > > >         thanks,
> > > > >         imran
>
> > > > >         On Thu, Dec 4, 2014 at 3:21 AM, Thomas <jk at c.vu <mailto:jk at c.vu <mailto:jk at c.vu> <mailto:jk at c.vu <mailto:jk at c.vu>> <mailto:jk at c.vu <mailto:jk at c.vu> <mailto:jk at c.vu <mailto:jk at c.vu>>> <mailto:jk at c.vu <mailto:jk at c.vu> <mailto:jk at c.vu <mailto:jk at c.vu>> <mailto:jk at c.vu <mailto:jk at c.vu> <mailto:jk at c.vu <mailto:jk at c.vu>>>>>> wrote:
>
> > > > >             Hi,
>
> > > > >             ok, so I have to change my EAP-MSCHAPv2 configuration.
> > > > >             I've tested a lot, but don't find any ipsec-configuration where the
> > > > >             client don't need the certificate installed local.
>
> > > > >             Do you have any ideas based on my posted ipsec.conf ?
>
> > > > >             Best regards
> > > > >             Thomas
>
> > > > >             Am 04.12.2014 10:40, schrieb Martin Willi:
> > > > >             > Hi,
> > > > >             >
> > > > >             >> Any idea whats the best authentication method for username/password only
> > > > >             >> on client-side? EAP-MD5?
> > > > >             >> The client should be able to connect via windows ikev2 native clients,
> > > > >             >> the strongswan android-app,
> > > > >             > If you want to use the native Windows IKEv2 Agile VPN client, there is
> > > > >             > no way around EAP-MSCHAPv2 for username/password authentication. You
> > > > >             > could wrap that in PEAP/TTLS, but that most likely makes no sense for
> > > > >             > your setup. The Android App supports EAP-MSCHAPv2 as well. Refer to [1]
> > > > >             > for configuration details.
> > > > >             >
> > > > >             >> and the native clients from osx/ios.
> > > > >             > OS X does not natively support IKEv2. You'd have to stick to IKEv1 with
> > > > >             > XAuth, so you need a separate configuration profile. Please note that
> > > > >             > there are rekeying issues with that client, which usually breaks the
> > > > >             > tunnel after ~45 minutes if you rely on username/passwords. Refer to [2]
> > > > >             > for configuration details.
> > > > >             >
> > > > >             > iOS supports IKEv2 since version 8, older versions support IKEv1 only.
> > > > >             > Refer to [3] for details about deploying configuration profiles.
> > > > >             >
> > > > >             > Regards
> > > > >             > Martin
> > > > >             >
> > > > >             > [1]https://wiki.strongswan.org/projects/strongswan/wiki/Windows7#C-Authentication-using-EAP-MSCHAP-v2
> > > > >             > [2]https://wiki.strongswan.org/projects/strongswan/wiki/IOS_(Apple)
> > > > >             > [3]https://wiki.strongswan.org/projects/strongswan/wiki/AppleIKEv2Profile
> > > > >             >
> > > > >             >
>
> > > > >             _______________________________________________
> > > > >             Users mailing list
> > > > >             Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>>> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>>>> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>>> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org
<mailto:Users at lists.strongswan.org>> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>>>>>
> > > > >             https://lists.strongswan.org/mailman/listinfo/users
>
>
>
>
>
>
> > > > > _______________________________________________
> > > > > Users mailing list
> > > > > Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>>> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>>>>
> > > > > https://lists.strongswan.org/mailman/listinfo/users
>
>
> > > >     _______________________________________________
> > > >     Users mailing list
> > > >     Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>>> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org> <mailto:Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>>>>
> > > >     https://lists.strongswan.org/mailman/listinfo/users
>
>
>
>
>
>
>
>
>
>
>
>
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJUgy6wAAoJEDg5KY9j7GZYH/gP/1KKK9Cvji30GTgzT4YN//sS
7/nV+nnv3zIZmc7ijbeGv70VWheYVXihkz5Xdzp0KRW/FtolyenOSsSOhujZ1y1V
FfLHeJEu2MzFRCoWHFnV7m+7gHwoOHREfjYwwMaEJ7WLXnD0QL5VGRBwEI54U9uw
XfJSpQkpJptMMcBeH4nf7CzHrqx1bcbxr1eJHZNoRXKqp7SVzjvJlDu5/HluMpNb
z2ACXw5FwnE7PJncie+EQzMKqf0AkePVOe7te3Ygba7itKU+k+oiCccq2jDxBLLJ
UZqDYdnehSn7Lg789kqVxyYMQCpuYze3dF9/tX/7KQ1mZ16wAMhVq4Ay8F4D/A/J
rZr3LRVdfKiHauE+IP6cNE5RqHoiVOo8BpoH8JwOMDcKAW/Fx9+gUaXqlQGMnQUw
5mih3vdWYVodx8Johqn1IGocpKT4rzqiuoA2Kn8x19t8q9qXqDGrS3r+O/kN0QsK
JA0u4HxhiLWyhpnkvxsdG3Mr2ic7SWrkrRkBdDnpbT7lyfPSRHCoPPikwIh4YckX
D/IfbsJeglqhubrDI7izK8Q2ea2n0fsGI77BpWLlvIo9Cis/Bs3Enw/KmRraqbA3
hZvODRmu4pJ9FqdYhyVumvDp/1gcbT/UbfPe7ZLqkpQkPz2CPdY+Qt4F0dfjXS/m
zGlb7RiNwlRxx0k38TLU
=zzi+
-----END PGP SIGNATURE-----




More information about the Users mailing list