[strongSwan] SAs do not establish with OpenBSD iked

readme at catastrophe.net readme at catastrophe.net
Sun Mar 27 16:52:45 CEST 2022 

Greetings -

I'm trying to establish a tunnel between strongSwan U5.9.1/K5.10.103-v7+ (ip
addr 10.1.1.228) and OpenBSD 7.0 running iked (ip addr 10.1.1.9). The linux
machine has an eth0 interface (192.168.13.1/24) that I'm sourcing traffic from
and iptables NAT statements that are working.

I've worked through the proposals and everything looks good, but the SA for
192.168.13.0/24<->192.168.253.0/27 does not establish.

Any help is appreciated, thanks in advance!

strongSwan configuration
------------------------
config setup
    charondebug="all"
    uniqueids=yes

conn OPENBSD_GW
    type=tunnel
    auto=start
    keyexchange=ikev2
    authby=secret
    left=192.168.13.1
    leftsubnet=192.168.13.0/24
    leftid="swan.example.com"
    right=10.1.1.9
    rightsubnet=192.168.253.0/27
    rightid="openbsd"
    ike=aes256-sha512-modp4096
    esp=aes256-sha512-modp4096

# cat /etc/ipsec.secrets
192.168.13.1 10.1.1.9 : PSK "12345"



OpenBSD configuration
---------------------
ikev2 "STRONGSWAN_REMOTE_LAN" passive esp \
  from 192.168.13.0/24 to 192.168.253.0/27 \
  peer any local openbsd \
  ikesa enc aes-256 auth hmac-sha2-512 group modp4096 \
   childsa enc aes-256 auth hmac-sha2-512 group modp4096 \
  srcid openbsd dstid swan.example.com \
  psk "12345" tag "$name-$id"


Debugging output from client
----------------------------

# ipsec start
Starting strongSwan 5.9.1 IPsec [starter]...
# ipsec statusall
Status of IKE charon daemon (strongSwan 5.9.1, Linux 5.10.103-v7+, armv7l):
  uptime: 9 seconds, since Mar 27 09:29:19 2022
  malloc: sbrk 1323008, mmap 0, used 291048, free 1031960
  worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 0
  loaded plugins: charon aes rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm drbg attr kernel-netlink resolve socket-default connmark stroke updown eap-mschapv2 xauth-generic counters
Listening IP addresses:
  192.168.13.1
  10.1.1.228
Connections:
OPENBSD_GW:  %any...10.1.1.9  IKEv2
OPENBSD_GW:   local:  [swan.example.com] uses pre-shared key authentication
OPENBSD_GW:   remote: [openbsd] uses pre-shared key authentication
OPENBSD_GW:   child:  192.168.13.0/24 === 192.168.253.0/27 TUNNEL
Security Associations (0 up, 0 connecting):
  none

# ping -I 192.168.13.1 192.168.253.20
PING 192.168.253.20 (192.168.253.20) from 192.168.13.1 : 56(84) bytes of data.

--- 192.168.253.20 ping statistics ---
9 packets transmitted, 0 received, 100% packet loss, time 8332ms

Linux network configs
---------------------
# ifconfig wlan0 | grep 10.1.1
        inet 10.1.1.228  netmask 255.255.255.0  broadcast 10.1.1.255
# ifconfig eth0 | grep 192.168.13
        inet 192.168.13.1  netmask 255.255.255.0  broadcast 192.168.13.255
# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o wlan0 -j ACCEPT



Debugging output of `iked -dvv` on the OpenBSD side
---------------------------------------------------
create_ike: using unknown for peer swan.example.com
ikev2 "STRONGSWAN_REMOTE_LAN" passive tunnel esp inet from 192.168.13.0/24 to 192.168.253.0/27 local 10.1.1.9 peer any ikesa enc aes-256 prf hmac-sha2-256 prf hmac-sha2-384 prf hmac-sha2-512 prf hmac-sha1 auth hmac-sha2-512 group modp4096 childsa enc aes-256 auth hmac-sha2-512 group modp4096 esn noesn srcid openbsd dstid swan.example.com lifetime 10800 bytes 4294967296 psk 0x313233343534333231 tag "$name-$id"
/etc/iked.conf: loaded 1 configuration rules
ca_privkey_serialize: type RSA_KEY length 1192
ca_pubkey_serialize: type RSA_KEY length 270
ca_privkey_to_method: type RSA_KEY method RSA_SIG
ca_getkey: received private key type RSA_KEY length 1192
config_getpolicy: received policy
ca_getkey: received public key type RSA_KEY length 270
ca_dispatch_parent: config reset
config_getpfkey: received pfkey fd 3
config_getcompile: compilation done
config_getsocket: received socket fd 4
config_getsocket: received socket fd 5
config_getsocket: received socket fd 6
config_getsocket: received socket fd 7
config_getstatic: dpd_check_interval 60
config_getstatic: no enforcesingleikesa
config_getstatic: no fragmentation
config_getstatic: mobike
config_getstatic: nattport 4500
config_getstatic: no stickyaddress
ca_reload: local cert type RSA_KEY
config_getocsp: ocsp_url none tolerate 0 maxage -1
ikev2_dispatch_cert: updated local CERTREQ type RSA_KEY length 0
policy_lookup: setting policy 'STRONGSWAN_REMOTE_LAN'
spi=0x775e05fc3e679d31: recv IKE_SA_INIT req 0 peer 10.1.1.228:500 local 10.1.1.9:500, 1260 bytes, policy 'STRONGSWAN_REMOTE_LAN'
ikev2_recv: ispi 0x775e05fc3e679d31 rspi 0x0000000000000000
ikev2_policy2id: srcid FQDN/openbsd length 13
ikev2_pld_parse: header ispi 0x775e05fc3e679d31 rspi 0x0000000000000000 nextpayload SA version 0x20 exchange IKE_SA_INIT flags 0x08 msgid 0 length 1260 response 0
ikev2_pld_payloads: payload SA nextpayload KE critical 0x00 length 588
ikev2_pld_sa: more 2 reserved 0 length 44 proposal #1 protoid IKE spisize 0 xforms 4 spi 0
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_512_256
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_512
ikev2_pld_xform: more 0 reserved 0 length 8 type DH id MODP_4096
ikev2_pld_sa: more 2 reserved 0 length 272 proposal #2 protoid IKE spisize 0 xforms 30 spi 0
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 128 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 192 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id CAMELLIA_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 128 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id CAMELLIA_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 192 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id CAMELLIA_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type ENCR id 3DES
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_256_128
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_384_192
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_512_256
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA1_96
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id AES_XCBC_96
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_256
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_384
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_512
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id AES128_XCBC
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA1
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_4096
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id ECP_256
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id ECP_384
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id ECP_521
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id BRAINPOOL_P256R1
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id BRAINPOOL_P384R1
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id BRAINPOOL_P512R1
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id CURVE25519
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id <UNKNOWN:32>
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_3072
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_6144
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_8192
ikev2_pld_xform: more 0 reserved 0 length 8 type DH id MODP_2048
ikev2_pld_sa: more 0 reserved 0 length 268 proposal #3 protoid IKE spisize 0 xforms 28 spi 0
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_GCM_16
ikev2_pld_attr: attribute type KEY_LENGTH length 128 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_GCM_16
ikev2_pld_attr: attribute type KEY_LENGTH length 192 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_GCM_16
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type ENCR id CHACHA20_POLY1305
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_GCM_12
ikev2_pld_attr: attribute type KEY_LENGTH length 128 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_GCM_12
ikev2_pld_attr: attribute type KEY_LENGTH length 192 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_GCM_12
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_GCM_8
ikev2_pld_attr: attribute type KEY_LENGTH length 128 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_GCM_8
ikev2_pld_attr: attribute type KEY_LENGTH length 192 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_GCM_8
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_256
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_384
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_512
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id AES128_XCBC
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA1
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_4096
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id ECP_256
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id ECP_384
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id ECP_521
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id BRAINPOOL_P256R1
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id BRAINPOOL_P384R1
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id BRAINPOOL_P512R1
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id CURVE25519
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id <UNKNOWN:32>
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_3072
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_6144
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_8192
ikev2_pld_xform: more 0 reserved 0 length 8 type DH id MODP_2048
ikev2_pld_payloads: payload KE nextpayload NONCE critical 0x00 length 520
ikev2_pld_ke: dh group MODP_4096 reserved 0
ikev2_pld_payloads: payload NONCE nextpayload NOTIFY critical 0x00 length 36
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 28
ikev2_pld_notify: protoid NONE spisize 0 type NAT_DETECTION_SOURCE_IP
ikev2_nat_detection: peer source 0x775e05fc3e679d31 0x0000000000000000 10.1.1.228:500
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 28
ikev2_pld_notify: protoid NONE spisize 0 type NAT_DETECTION_DESTINATION_IP
ikev2_nat_detection: peer destination 0x775e05fc3e679d31 0x0000000000000000 10.1.1.9:500
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 8
ikev2_pld_notify: protoid NONE spisize 0 type FRAGMENTATION_SUPPORTED
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 16
ikev2_pld_notify: protoid NONE spisize 0 type SIGNATURE_HASH_ALGORITHMS
ikev2_pld_notify: signature hash SHA2_256 (2)
ikev2_pld_notify: signature hash SHA2_384 (3)
ikev2_pld_notify: signature hash SHA2_512 (4)
ikev2_pld_notify: signature hash <UNKNOWN:5> (5)
ikev2_pld_payloads: payload NOTIFY nextpayload NONE critical 0x00 length 8
ikev2_pld_notify: protoid NONE spisize 0 type REDIRECT_SUPPORTED
proposals_negotiate: score 6
proposals_negotiate: score 4
proposals_negotiate: score 0
policy_lookup: setting policy 'STRONGSWAN_REMOTE_LAN'
spi=0x775e05fc3e679d31: sa_state: INIT -> SA_INIT
proposals_negotiate: score 6
proposals_negotiate: score 4
proposals_negotiate: score 0
sa_stateok: SA_INIT flags 0x0000, require 0x0000 
sa_stateflags: 0x0000 -> 0x0020 sa (required 0x0000 )
spi=0x775e05fc3e679d31: ikev2_sa_keys: DHSECRET with 512 bytes
ikev2_sa_keys: SKEYSEED with 32 bytes
spi=0x775e05fc3e679d31: ikev2_sa_keys: S with 80 bytes
ikev2_prfplus: T1 with 32 bytes
ikev2_prfplus: T2 with 32 bytes
ikev2_prfplus: T3 with 32 bytes
ikev2_prfplus: T4 with 32 bytes
ikev2_prfplus: T5 with 32 bytes
ikev2_prfplus: T6 with 32 bytes
ikev2_prfplus: T7 with 32 bytes
ikev2_prfplus: T8 with 32 bytes
ikev2_prfplus: T9 with 32 bytes
ikev2_prfplus: Tn with 288 bytes
ikev2_sa_keys: SK_d with 32 bytes
ikev2_sa_keys: SK_ai with 64 bytes
ikev2_sa_keys: SK_ar with 64 bytes
ikev2_sa_keys: SK_ei with 32 bytes
ikev2_sa_keys: SK_er with 32 bytes
ikev2_sa_keys: SK_pi with 32 bytes
ikev2_sa_keys: SK_pr with 32 bytes
ikev2_add_proposals: length 44
ikev2_next_payload: length 48 nextpayload KE
ikev2_next_payload: length 520 nextpayload NONCE
ikev2_next_payload: length 36 nextpayload NOTIFY
ikev2_nat_detection: local source 0x775e05fc3e679d31 0x5ee741782a2a3256 10.1.1.9:500
ikev2_next_payload: length 28 nextpayload NOTIFY
ikev2_nat_detection: local destination 0x775e05fc3e679d31 0x5ee741782a2a3256 10.1.1.228:500
ikev2_next_payload: length 28 nextpayload NOTIFY
ikev2_next_payload: length 14 nextpayload NONE
ikev2_pld_parse: header ispi 0x775e05fc3e679d31 rspi 0x5ee741782a2a3256 nextpayload SA version 0x20 exchange IKE_SA_INIT flags 0x20 msgid 0 length 702 response 1
ikev2_pld_payloads: payload SA nextpayload KE critical 0x00 length 48
ikev2_pld_sa: more 0 reserved 0 length 44 proposal #2 protoid IKE spisize 0 xforms 4 spi 0
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_256
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_512_256
ikev2_pld_xform: more 0 reserved 0 length 8 type DH id MODP_4096
ikev2_pld_payloads: payload KE nextpayload NONCE critical 0x00 length 520
ikev2_pld_ke: dh group MODP_4096 reserved 0
ikev2_pld_payloads: payload NONCE nextpayload NOTIFY critical 0x00 length 36
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 28
ikev2_pld_notify: protoid NONE spisize 0 type NAT_DETECTION_SOURCE_IP
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 28
ikev2_pld_notify: protoid NONE spisize 0 type NAT_DETECTION_DESTINATION_IP
ikev2_pld_payloads: payload NOTIFY nextpayload NONE critical 0x00 length 14
ikev2_pld_notify: protoid NONE spisize 0 type SIGNATURE_HASH_ALGORITHMS
spi=0x775e05fc3e679d31: send IKE_SA_INIT res 0 peer 10.1.1.228:500 local 10.1.1.9:500, 702 bytes
config_free_proposals: free 0x28048015400
config_free_proposals: free 0x2804801d400
config_free_proposals: free 0x2804801d080
config_doreset: flushing policies
config_doreset: flushing SAs
config_free_proposals: free 0x2804801d180
config_free_proposals: free 0x2804803e900
config_free_proposals: free 0x2804801d480
config_free_flows: free 0x28048019000
config_doreset: flushing users
ca exiting, pid 48800
control exiting, pid 58311
ikev2 exiting, pid 45313
parent terminating

More information about the Users mailing list