[strongSwan] Connecting a Zyxel client with PSK to strongswan

Thomas Egerer hakke_007 at gmx.de
Fri Jan 22 10:29:25 CET 2016

Hash: SHA256


neither of your connections has a reasonable 'right' parameter [1],
so charon has to guess which connection to select. Based on what
the log says, it choses CertBased over the one you want (testzyxel).
Try adding 'right=' to conn testzyxel. This should
let charon select the proper IKE/Peer config.


[1] https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection

On 01/22/2016 06:04 AM, CJ Fearnley wrote:
> Unfortunately, the Zyxel's cannot use a CA signed cert, so I'm forced to
> try to connect them with PSK despite our other ipsec clients using certs
> (Netgears).
> I have this configuration (Debian Jessie, Linux strongSwan
> U5.2.1/K3.16.0-4-amd64):
> config setup
>     uniqueids=no
> conn %default
>     mobike=no
>     keyexchange=ikev1
>     left=
>     leftsubnet=
>     auto=add
> conn CertBased
>     leftid="C=US, ST=IL, L=Glenwood, O=[Private redacted], CN=[Private redacted], E=[Private redacted]"
>     leftcert=[Private redacted],crt
>     leftsendcert=always
>     ike=3des-sha1-modp1024!
>     esp=3des-sha1-modp1024!

> conn Netgear
>     rightsubnet=
>     right=%any
>     also=CertBased
> conn testzyxel
>     rightsubnet=
>     leftsendcert=no
>     authby=psk
>     compress=no
>     ikelifetime=8h
>     lifetime=8h
>     ike=aes256-sha256-modp1024!
>     esp=aes256-sha256-modp1024!
> The Netgear connections work. The testzyxel connections fail.
> I've tried it with the ike= and esp= lines commented out too.
> When I set ike logging to level 2: ipsec stroke loglevel ike 2, I see this in
> the logs:
> Jan 21 23:04:25 cw1 charon: 10[IKE] is initiating a Main Mode IKE_SA
> Jan 21 23:04:25 cw1 charon: 10[IKE] IKE_SA (unnamed)[19] state change: CREATED => CONNECTING
> Jan 21 23:04:25 cw1 charon: 10[CFG] received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024
> Jan 21 23:04:25 cw1 charon: 10[CFG] configured proposals: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
> Jan 21 23:04:25 cw1 charon: 10[IKE] no proposal found
> I have tried every combination of encryption & integrity algorigthms
> that I could think of. It always claims to be configured for
> 3DES_CBC/HMAC_SHA1_96 instead of AES_CBC_256/HMAC_SHA2_256_128. Can this
> be fixed?
> I consulted https://wiki.strongswan.org/projects/1/wiki/IKEv1CipherSuites
> and so I would think specifying aes256-sha256-modp1024 should work. Why isn't
> strongswan accepting it?
> In /etc/strongswan.d/charon.conf, I added the line
>     # Plugins to load in the IKE daemon charon.
>     load = openssl aes sha1 sha2 hmac x509
> I included the part of the configuration that uses certs to authenticate
> our Netgear clients. Could the ike= and esp= lines needed for the Netgears
> be blocking the testzyxel stanza from using aes256-sha256?
> Here is the output of "ipsec listalgs":
> List of registered IKE algorithms:
> sudo ipsec listalgs
> List of registered IKE algorithms:
>   encryption: AES_CBC[af-alg] DES_CBC[af-alg] DES_ECB[af-alg] 3DES_CBC[af-alg] AES_CTR[af-alg] CAMELLIA_CBC[af-alg]
>               CAMELLIA_CTR[af-alg] CAST_CBC[af-alg] BLOWFISH_CBC[af-alg] SERPENT_CBC[af-alg] TWOFISH_CBC[af-alg]
>               NULL[openssl] RC2_CBC[rc2]
>   integrity:  HMAC_SHA1_96[af-alg] HMAC_SHA1_128[af-alg] HMAC_SHA1_160[af-alg] HMAC_SHA2_256_96[af-alg]
>               HMAC_SHA2_256_128[af-alg] HMAC_MD5_96[af-alg] HMAC_MD5_128[af-alg] HMAC_SHA2_256_256[af-alg]
>               HMAC_SHA2_384_192[af-alg] HMAC_SHA2_384_384[af-alg] HMAC_SHA2_512_256[af-alg] HMAC_SHA2_512_512[af-alg]
>               AES_XCBC_96[af-alg] CAMELLIA_XCBC_96[af-alg] AES_CMAC_96[cmac]
>   aead:       AES_CCM_8[ccm] AES_CCM_12[ccm] AES_CCM_16[ccm] CAMELLIA_CCM_8[ccm] CAMELLIA_CCM_12[ccm]
>               CAMELLIA_CCM_16[ccm] AES_GCM_8[gcm] AES_GCM_12[gcm] AES_GCM_16[gcm]
>   hasher:     HASH_SHA1[af-alg] HASH_MD4[af-alg] HASH_MD5[af-alg] HASH_SHA224[af-alg] HASH_SHA256[af-alg]
>               HASH_SHA384[af-alg] HASH_SHA512[af-alg]
>   prf:        PRF_HMAC_SHA1[af-alg] PRF_HMAC_SHA2_256[af-alg] PRF_HMAC_MD5[af-alg] PRF_HMAC_SHA2_384[af-alg]
>               PRF_HMAC_SHA2_512[af-alg] PRF_AES128_XCBC[af-alg] PRF_CAMELLIA128_XCBC[af-alg] PRF_AES128_CMAC[cmac]
>               PRF_KEYED_SHA1[openssl] PRF_FIPS_SHA1_160[fips-prf]
>   dh-group:   MODP_2048[gcrypt] MODP_2048_224[gcrypt] MODP_2048_256[gcrypt] MODP_1536[gcrypt] MODP_3072[gcrypt]
>               MODP_4096[gcrypt] MODP_6144[gcrypt] MODP_8192[gcrypt] MODP_1024[gcrypt] MODP_1024_160[gcrypt]
>               MODP_768[gcrypt] MODP_CUSTOM[gcrypt] ECP_256[openssl] ECP_384[openssl] ECP_521[openssl] ECP_224[openssl]
>               ECP_192[openssl] ECP_224_BP[openssl] ECP_256_BP[openssl] ECP_384_BP[openssl] ECP_512_BP[openssl]
>   random-gen: RNG_WEAK[gcrypt] RNG_STRONG[gcrypt] RNG_TRUE[gcrypt]
>   nonce-gen:  [nonce]
> Do I need to specify another plugin? Am I missing a Debian package that
> provides the aes256 encryption algorithm?
> As a last try I wondered if maybe I need to configure strongswan with 3des by
> adding the des plugin and trying with these line in and commented out:
>     ike=3des-sha1-modp1024!
>     esp=3des-sha1-modp1024!
> Of course, I wasn't thinking backward and it didn't work. Any suggestions?

Version: GnuPG v2


More information about the Users mailing list