[Swan] RHEL7 Libreswan -> Google Cloud VPN

Paul Wouters paul at nohats.ca
Thu Aug 27 13:34:03 UTC 2015


On Wed, 26 Aug 2015, Patrick Bakker wrote:

> I'm trying to setup a VPN between RHEL7 and Google Cloud VPN. I keep getting this cryptic error:
> 
> "google-tunnel" #6: ignored CCM/GCM ESP proposal 1: integrity transform must be IKEv2_AUTH_NONE or absent
>  ikev2_parent_inI2outR2_tail returned STF_FAIL with v2N_NO_PROPOSAL_CHOSEN"

It seems they are proposing AES_GCM which is an AEAD cipher, meaning that
it should not use an integrity algorithm. In libreswan configuration
terms this means:

 	esp=aes_gcm128-null

what they seem to be doing (without seeing the debug logs) looks like:

 	esp=aes_gcm128-sha1

> This is with a barebones configuration like:
> conn google-tunnel
>         authby=secret
>         auto=start
>         type=tunnel
>         left=x.x.x.x
>         leftid=x.x.x.x
>         leftsourceip=x.x.x.x
>         leftsubnet=x.x.x.x/24
>         right=y.y.y.y
>         rightsubnet=y.y.y.y/16
>         rightsourceip=y.y.y.y
> 
> As well as if I try to force some algorithm like:
>         ike=aes-sha1
>         ikev2=insist
>         phase2=esp
>         phase2alg=aes_gcm_c-128-null

What happens if you insist on not using GCM? e.g.

 	esp=aes128-sha2

> Anybody have any ideas?

It seems like a bug in their implementation. You can try and use
IKEv2 to see if that works around the bug:

 	ikev2=insist

When using IKEv2, you can also use aes_gcm for ike with libreswan, so
then you can also try:

 	ikev2=insist
 	ike=aes_gcm128-sha2
 	esp=aes_gcm128-null

Note that here the "sha2" on the ike line means the prf, not the
auth/integ algorithm.

If any of these hints help, please let me know so we can contact
Google and write up a FAQ/interop issue on this.

Paul
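
An added example, not from this thread or the libreswan project: a small Python checker for libreswan-style esp=/ike= proposal values that recognises the pluto log line quoted above and flags the AEAD-plus-integrity pairing behind it, while accepting the same hash name on the ike line as the PRF. The proposal grammar it parses is a simplifying assumption; libreswan accepts more spellings than this.

```python
import re

# AEAD ciphers authenticate their own payload, so an ESP proposal that pairs
# one with a separate integrity algorithm is rejected by libreswan with
# "integrity transform must be IKEv2_AUTH_NONE or absent".
AEAD_CIPHERS = {"aes_gcm", "aes_ccm", "chacha20_poly1305"}
NULL_INTEG = {"null", "none"}

LOG_RE = re.compile(r"ignored CCM/GCM ESP proposal (\d+): integrity transform "
                    r"must be IKEv2_AUTH_NONE or absent")

def diagnose_log(line):
    """Return the rejected proposal number if `line` is the pluto message
    quoted in the thread, else None."""
    m = LOG_RE.search(line)
    return int(m.group(1)) if m else None

def parse_proposal(prop):
    """Split one proposal into (cipher, keylen, second_alg).
    Handles 'aes_gcm128-null', 'aes128-sha2', 'aes-sha1' and the older
    'aes_gcm_c-128-null' spelling from the quoted config. Simplified
    grammar (an assumption for this example), not libreswan's parser."""
    parts = prop.strip().lower().split("-")
    m = re.fullmatch(r"([a-z0-9_]+?)(128|192|256)?", parts[0])
    if not m:
        raise ValueError("unparsable cipher %r" % parts[0])
    cipher, keylen = m.group(1), m.group(2)
    if keylen is None and len(parts) > 1 and parts[1].isdigit():
        keylen = parts.pop(1)            # 'aes_gcm_c-128' style key length
    cipher = cipher.removesuffix("_c")   # treat aes_gcm_c as aes_gcm
    second = parts[1] if len(parts) > 1 else None
    return cipher, int(keylen) if keylen else None, second

def check_proposal(value, role):
    """Check an esp= (role 'esp') or ike= (role 'ike') value holding one or
    more comma-separated proposals. Returns a list of problems; empty is OK."""
    problems = []
    for prop in value.split(","):
        cipher, _, second = parse_proposal(prop)
        if cipher not in AEAD_CIPHERS or second is None or second in NULL_INTEG:
            continue
        if role == "esp":
            problems.append("%s: AEAD cipher %s must not carry integrity %s; "
                            "use %s-null" % (prop, cipher, second, prop.split("-")[0]))
        # For role 'ike' the hash after an AEAD cipher names the PRF, not an
        # integrity algorithm, so 'aes_gcm128-sha2' is a valid IKEv2 proposal.
    return problems
```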
