[strongSwan] charon says "DH group MODP_1024 inacceptable, requesting MODP_1536"

Harald Dunkel harald.dunkel at aixigo.de
Tue Oct 27 11:32:22 CET 2015 

Hi folks,

I am trying to connect an ios 9.1 device to strongswan 5.3.3,
using IKEv2. Problem: It doesn't.

Here is the log file:

Oct 27 09:33:25 srvl047 charon: 02[NET] received packet: from 2001:db8:30:fff0:4ff:fc45:f6a4:3860[500] to 2001:db8:13b0:ffff::63[500]
Oct 27 09:33:25 srvl047 charon: 02[NET] waiting for data on sockets
Oct 27 09:33:25 srvl047 charon: 15[MGR] checkout IKE_SA by message
Oct 27 09:33:25 srvl047 charon: 15[MGR] created IKE_SA (unnamed)[5]
Oct 27 09:33:25 srvl047 charon: 15[NET] received packet: from 2001:db8:30:fff0:4ff:fc45:f6a4:3860[500] to 2001:db8:13b0:ffff::63[500] (388 bytes)
Oct 27 09:33:25 srvl047 charon: 15[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]
Oct 27 09:33:25 srvl047 charon: 15[CFG] looking for an ike config for 2001:db8:13b0:ffff::63...2001:db8:30:fff0:4ff:fc45:f6a4:3860
Oct 27 09:33:25 srvl047 charon: 15[CFG]   candidate: gate.example.com...%any, prio 1052
Oct 27 09:33:25 srvl047 charon: 15[CFG]   candidate: gate.example.com...%any, prio 1052
Oct 27 09:33:25 srvl047 charon: 15[CFG] found matching ike config: gate.example.com...%any with prio 1052
Oct 27 09:33:25 srvl047 charon: 15[IKE] 2001:db8:30:fff0:4ff:fc45:f6a4:3860 is initiating an IKE_SA
Oct 27 09:33:25 srvl047 charon: 15[IKE] IKE_SA (unnamed)[5] state change: CREATED => CONNECTING
Oct 27 09:33:25 srvl047 charon: 15[CFG] selecting proposal:
Oct 27 09:33:25 srvl047 charon: 15[CFG]   no acceptable ENCRYPTION_ALGORITHM found
Oct 27 09:33:25 srvl047 charon: 15[CFG] selecting proposal:
Oct 27 09:33:25 srvl047 charon: 15[CFG]   no acceptable DIFFIE_HELLMAN_GROUP found
Oct 27 09:33:25 srvl047 charon: 15[CFG] selecting proposal:
Oct 27 09:33:25 srvl047 charon: 15[CFG]   no acceptable ENCRYPTION_ALGORITHM found
Oct 27 09:33:25 srvl047 charon: 15[CFG] selecting proposal:
Oct 27 09:33:25 srvl047 charon: 15[CFG]   no acceptable ENCRYPTION_ALGORITHM found
Oct 27 09:33:25 srvl047 charon: 15[CFG] selecting proposal:
Oct 27 09:33:25 srvl047 charon: 15[CFG]   proposal matches
Oct 27 09:33:25 srvl047 charon: 15[CFG] received proposals: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1536, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Oct 27 09:33:25 srvl047 charon: 15[CFG] configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1536, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Oct 27 09:33:25 srvl047 charon: 15[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1536
Oct 27 09:33:25 srvl047 charon: 15[IKE] sending strongSwan vendor ID
Oct 27 09:33:25 srvl047 charon: 15[IKE] DH group MODP_1024 inacceptable, requesting MODP_1536
Oct 27 09:33:25 srvl047 charon: 15[ENC] generating IKE_SA_INIT response 0 [ N(INVAL_KE) V ]
Oct 27 09:33:25 srvl047 charon: 15[NET] sending packet: from 2001:db8:13b0:ffff::63[500] to 2001:db8:30:fff0:4ff:fc45:f6a4:3860[500] (58 bytes)
Oct 27 09:33:25 srvl047 charon: 15[MGR] checkin and destroy IKE_SA (unnamed)[5]
Oct 27 09:33:25 srvl047 charon: 03[NET] sending packet: from 2001:db8:13b0:ffff::63[500] to 2001:db8:30:fff0:4ff:fc45:f6a4:3860[500]
Oct 27 09:33:25 srvl047 charon: 15[IKE] IKE_SA (unnamed)[5] state change: CONNECTING => DESTROYING
Oct 27 09:33:25 srvl047 charon: 15[MGR] check-in and destroy of IKE_SA successful


Please note that both peers agreed upon a proposal including DH group 5,
but then there is a message "DH group MODP_1024 inacceptable, requesting
MODP_1536". The selected proposal wasn't DH2, so I wonder WTH?


Every helpful comment would be highly appreciated
Regards

Harri
-- 
aixigo AG, Karl-Friedrich-Strasse 68, 52072 Aachen, Germany
phone: +49 241 559709-79, fax: +49 241 559709-99
eMail: harald.dunkel at aixigo.de, web: http://www.aixigo.de
Amtsgericht Aachen - HRB 8057, Vorstand: Erich Borsch, Christian Friedrich, Tobias Haustein, Vors. des Aufsichtsrates: Prof. Dr. Ruediger von Nitzsch
-------------- next part --------------
config setup
	charondebug="dmn 2, mgr 2, ike 2, chd 2, cfg 2, net 2"

conn %default
	left		= gate.example.com
	leftcert	= gate.example.com.pem
	leftsendcert	= always
	leftsubnet	= 10.1.1.0/24
	leftfirewall	= yes
	ikelifetime	= 3h
	lifetime	= 1h
	rekey		= yes
	dpdaction	= hold
	dpddelay	= 30s
#
# IKEv2 using RSA authentication
conn IPSec-IKEv2
	keyexchange	= ikev2
	ike		= aes256-sha256-modp2048,aes256-sha256-modp1536,aes256-sha1-modp1536,aes256-sha256-modp1024,aes256-sha1-modp1024!
	esp		= aes256-sha256-modp2048,aes256-sha256-modp1536,aes256-sha1-modp1536,aes256-sha256-modp1024,aes256-sha1-modp1024!
	right		= %any
	rightauth	= pubkey
	rightsourceip	= %dhcp
	# fragmentation = yes
	auto		= add

#
# IKEv1 using xauth (i.e. enter password)
conn CiscoIPSec
	keyexchange	= ikev1
	ike		= aes256-sha1-modp1536!
	esp		= aes256-sha1!
	rightauth	= pubkey
	right		= %any
	rightsourceip	= %dhcp
	rightauth2	= xauth
	auto		= add

More information about the Users mailing list