[Swan] Android 4.0+ using group authentication and aggressive mode

Elison Niven elison.niven at cyberoam.com
Wed May 22 14:23:55 EEST 2013


Thanks for your reply Paul.

I do understand that IKEv1 with Aggressive Mode is very weak security 
and vulnerable to MITM, but I would still like to make Aggressive mode 
IKEv1 with Group authentication on Android/iOS devices work as that is 
one of the "standards" on most mobile devices today.

On Friday 17 May 2013 08:41 PM, Paul Wouters wrote:
> On Fri, 17 May 2013, Elison Niven wrote:
>
>
> Thanks for sharing your android config!
>
>> 2) dpd is required because these android devices do not send Delete SA
>> payload upon disconnection.
>
> Note that this might cost you a lot of battery. It would be good if the
> tunnel stays up and Android can use it after it wakes up from screensave
> without establishing a new one.
>
>> Create the file /etc/ipsec.d/passwd :
>> # htpasswd -c -d -b /etc/ipsec.d/passwd <username> <password>
>> Now edit the file and add ":android" i.e. the connection name at the end.
>>
>> Example : For username=elison and password=elison, the file will look
>> like :
>> elison:<some hashed password>:android
>
> You can also use xauthby=pam to use pam authentication, which could
> include a token based authentication like SecurID or Google
> Authenticator.
>
> If you use X.509 certificates, you can even use xauthby=alwaysok so it
> won't matter what you fill in.
>
>> This also works for Apple iOS devices. The device configuration is
>> quite similar on iOS.
>>
>> On Android, there is a field called "IPSec identifier" and on iOS,
>> there is a field called "Group Name". Whenever this field is
>> configured, these devices send an aggressive mode request:
>
> If you use certificates, then Main Mode is used on iPhone. However, be
> aware that if you configured PSK, then switch to X509, the iPhone does
> _not_ wipe the groupname, and everything will fail. You'll have to
> temporarily enable psk to wipe the group name field and reconfigure it
> back to certificates.
>
>> What configuration/change is required to support this mode?
>
> I would stay away from PSK/groupname/aggrmode if I were you and switch to
> certificates with main mode. It gives more privacy (ID does not leak
> plaintext) and using aggressive mode with PSK means any client knows the
> full credentials to fake the gateway, and MITM other clients and get
> their XAUTH credentials.
>
> Paul
>
>

-- 
Best Regards,
Elison Niven
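An added configuration check, not code from the thread or from Libreswan itself: it parses a constructed ipsec.conf, flags the combinations Paul warns about (aggrmode=yes with authby=secret, and xauthby=alwaysok on a connection that is not certificate-authenticated), and cross-checks that each line of the xauthby=file passwd file described above ends in the name of an existing conn. Option names are libreswan's; all sample values are constructed.

```python
import re

# Constructed sample ipsec.conf (not taken from the thread).
SAMPLE_IPSEC_CONF = """\
config setup
    protostack=netkey

conn android
    aggrmode=yes
    authby=secret
    leftxauthserver=yes
    xauthby=file
    dpddelay=30

conn ios-cert
    aggrmode=no
    authby=rsasig
    leftxauthserver=yes
    xauthby=alwaysok
"""

# Constructed /etc/ipsec.d/passwd in the user:hash:conn layout described above.
SAMPLE_PASSWD = "elison:PLACEHOLDERHASH:android\nbob:PLACEHOLDERHASH:vpn-old\n"

def parse_conns(text):
    """Return {conn_name: {key: value}} for each 'conn' section (keys are indented)."""
    conns, current = {}, None
    for line in text.splitlines():
        stripped = line.split('#', 1)[0].strip()
        if not stripped:
            continue
        if not line[0].isspace():                      # section header at column 0
            m = re.match(r'conn\s+(\S+)', stripped)
            current = conns.setdefault(m.group(1), {}) if m else None
        elif current is not None and '=' in stripped:
            k, v = stripped.split('=', 1)
            current[k.strip()] = v.strip()
    return conns

def audit(conns):
    """Return (conn, finding) pairs for the weak IKEv1 settings discussed in the thread."""
    findings = []
    for name, opts in conns.items():
        aggr = opts.get('aggrmode', 'no') == 'yes'
        psk = opts.get('authby', '').startswith('secret')
        if aggr and psk:
            findings.append((name, 'aggressive mode with group PSK: ID leaks in clear, any client can impersonate the gateway'))
        elif aggr:
            findings.append((name, 'aggressive mode: identity not protected; prefer main mode'))
        if opts.get('xauthby') == 'alwaysok' and psk:
            findings.append((name, 'xauthby=alwaysok without certificates accepts any XAUTH credentials'))
    return findings

def check_passwd(text, conns):
    """Return usernames whose passwd line is malformed or names no conn in ipsec.conf."""
    return [p[0] for p in (l.split(':') for l in text.splitlines() if l)
            if len(p) != 3 or p[2] not in conns]
```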

