[Swan-dev] CentOS libreswan vs Fedora libreswan

D. Hugh Redelmeier hugh at mimosa.com
Sun Jun 30 16:10:27 UTC 2019

I'm trying to build a tunnel between a Fedora and a CentOS system, both 
running libreswan-3.29-1 packages.

I don't specify any cryptosuites -- I just let them default.

Much to my surprise, the CentOS Responder refuses the Fedora Initiator's 

  initiator guessed wrong keying material group (ECP_256); responding with INVALID_KE_PAYLOAD requesting MODP2048
  responding to IKE_SA_INIT (34) message (Message ID 0) from with unencrypted notification INVALID_KE_PAYLOAD

This response is fairly useless since the Initiator ought ignore 
unencrypted notifications.  This is surely a limitation of the protocol 

It's also seems pretty dumb to not have defaulted cryptosuites be
compatable.  I'm sure that there are excuses.  What are they?

ipsec auto --up prints progress information, but does not report this 
notification, making debugging harder than it should be.

- why would 3.29 default to something 3.29 doesn't accept?

- what is the minimal adition that I can make to the conn to allow 
  interop?  I don't wish to specify any part of the cryptosuites but I 
  certainly don't want to provide a complete and detailed specification.

Editorial comment: This sure seems like the kind of problem to drive 
people away from ipsec.  This should be fixed!

More information about the Swan-dev mailing list