[strongSwan] disregarded Diffie-Hellman group

Marco Berizzi pupilla at hotmail.com
Thu Jun 4 11:03:08 CEST 2020


Hi Tobias,

apologies for the late response.

> You didn't clarify if that happens during a CHILD_SA initiation with
> IKE_AUTH or with CREATE_CHILD_SA.

According to the swanctl output, it is happening with CHILD_SA initiation
with IKE_AUTH:

[IKE] initiating IKE_SA [146788]
[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(CHDLESS_SUP) ]
[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_384
[IKE] establishing CHILD_SA networks2{1872399}
[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH SA TSi TSr N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
[ENC] parsed IKE_AUTH response 1 [ IDr AUTH N(CRASH_DET) SA TSi TSr N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) ]
[IKE] scheduling reauthentication in 40155s
[IKE] maximum IKE_SA lifetime 44475s
[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
[IKE] CHILD_SA networks2{1872399} established with SPIs cdb597cf_i 8630bd6e_o and TS 10.159.240.0/30 === 10.176.194.0/24
initiate completed successfully

With CREATE_CHILD_SA, instead, everything looks good: the DH group is there.

[IKE] establishing CHILD_SA networks3{1872407}
[ENC] generating CREATE_CHILD_SA request 2 [ SA No KE TSi TSr ]
[ENC] parsed CREATE_CHILD_SA response 2 [ SA No KE TSi TSr N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) ]
[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/ECP_384/NO_EXT_SEQ
[IKE] CHILD_SA networks3{1872407} established with SPIs c5e40f32_i ee9e59b2_o and TS 10.159.240.0/30 === 10.96.101.0/24
initiate completed successfully

> During IKE_AUTH, the DH group is always omitted, so it really
> shouldn't matter who is initiator (and removing the DH group from
> the proposal doesn't make a difference). However, during
> CREATE_CHILD_SA DH is optional.  But enforcing a DH group as
> responder and not proposing one as initiator of the same CHILD_SA
> doesn't really make sense.  So if that's the case, it sounds like
> a bug.

Thanks for the clarification, Tobias.

Marco
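As an added example (not part of this thread and not strongSwan's own code), a small Python checker that reads charon log lines like those quoted above, pairs each selected ESP proposal with the exchange that negotiated it, and reports whether a DH group (and so PFS for the CHILD_SA keys) was selected. The sample log is constructed from the thread, and the set of DH transform-name prefixes is an assumption.

```python
import re

# Constructed sample log, modelled on the swanctl output quoted in the thread
# (reduced to the lines the checker reads; not a verbatim copy).
SAMPLE_LOG = """\
[IKE] initiating IKE_SA [146788]
[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_384
[IKE] establishing CHILD_SA networks2{1872399}
[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH SA TSi TSr ]
[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
[IKE] establishing CHILD_SA networks3{1872407}
[ENC] generating CREATE_CHILD_SA request 2 [ SA No KE TSi TSr ]
[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/ECP_384/NO_EXT_SEQ
"""

CHILD_RE = re.compile(r"\[IKE\] establishing CHILD_SA (\S+)")
REQUEST_RE = re.compile(r"\[ENC\] generating (IKE_AUTH|CREATE_CHILD_SA) request")
ESP_RE = re.compile(r"\[CFG\] selected proposal: ESP:(\S+)")
# Assumed prefixes of strongSwan DH-group transform names (MODP_*, ECP_*, CURVE_*).
DH_PREFIXES = ("MODP_", "ECP_", "CURVE_")


def parse_child_sas(log_text):
    """One record per negotiated CHILD_SA: name, exchange that carried it, DH group or None."""
    records, child, exchange = [], None, None
    for line in log_text.splitlines():
        if m := CHILD_RE.search(line):
            child = m.group(1)
        elif m := REQUEST_RE.search(line):
            exchange = m.group(1)
        elif m := ESP_RE.search(line):
            transforms = m.group(1).split("/")
            dh = next((t for t in transforms if t.startswith(DH_PREFIXES)), None)
            records.append({"child_sa": child, "exchange": exchange, "dh_group": dh})
            child = exchange = None
    return records


def assess(record):
    """IKE_AUTH never carries a KE payload (the CHILD_SA keys derive from the IKE_SA's
    DH exchange), so a missing group there is expected; in CREATE_CHILD_SA it means no PFS."""
    if record["exchange"] == "IKE_AUTH":
        return "expected: no DH group in a CHILD_SA negotiated in IKE_AUTH"
    if record["dh_group"] is None:
        return "warning: CREATE_CHILD_SA without DH group (no PFS for this CHILD_SA)"
    return f"ok: PFS with {record['dh_group']}"


if __name__ == "__main__":
    for rec in parse_child_sas(SAMPLE_LOG):
        print(rec["child_sa"], rec["exchange"], assess(rec))
```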
