[Swan] question about pfsgroup

[Paul Wouters]

On Sat, 31 Mar 2018, Xinwei Hong wrote:

>  I tried different algorithms in ike and esp.  libreswan did not fail.,e.g. I have this in log:
> 
> 000 vpn-5653427: "conn_vpn-5653427-tunnel-VPNRemoteRoutedSubnet-tunnel-10.30.0.0/16":   IKE algorithms wanted: AES_CBC(7)_256-SHA1(2)-MODP1024(2)
> 000 vpn-5653427: "conn_vpn-5653427-tunnel-VPNRemoteRoutedSubnet-tunnel-10.30.0.0/16":   IKE algorithms found:  AES_CBC(7)_256-SHA1(2)-MODP1024(2)
> 000 vpn-5653427: "conn_vpn-5653427-tunnel-VPNRemoteRoutedSubnet-tunnel-10.30.0.0/16":   IKE algorithm newest: AES_CBC_256-SHA1-MODP1024
> 000 vpn-5653427: "conn_vpn-5653427-tunnel-VPNRemoteRoutedSubnet-tunnel-10.30.0.0/16":   ESP algorithms wanted: AES(12)_128-SHA1(2); pfsgroup=MODP1536(5)
> 000 vpn-5653427: "conn_vpn-5653427-tunnel-VPNRemoteRoutedSubnet-tunnel-10.30.0.0/16":   ESP algorithms loaded: AES(12)_128-SHA1(2)
> 000 vpn-5653427: "conn_vpn-5653427-tunnel-VPNRemoteRoutedSubnet-tunnel-10.30.0.0/16":   ESP algorithm newest: AES_128-HMAC_SHA1; pfsgroup=MODP1536
> 
> If I understand the log correctly, it shows different pfs/dh groups are used in ike/ipsec. Or do I misunderstand anything?

I think code is a little in flux too with Andrew's recent changes to
support the microsoft rekey DH workaround code.

I just tested:

 	ike=aes128-sha1-modp2048
 	esp=aes128-sha1-modp1536

which seems to result in:

000 "westnet-eastnet-ikev2":   IKEv2 algorithm newest: AES_CBC_128-HMAC_SHA1-MODP2048
000 "westnet-eastnet-ikev2":   ESP algorithm newest: AES_CBC_128-HMAC_SHA1_96; pfsgroup=MODP1536

However, looking at the logs, since the first child sa transforms don't
include a DH group, it was really doing this as modp2048 from the ike
group. However, rerunning the --up command, which triggers and IPsec
rekey event, showed it did in fact use modp1536 for the rekey. So the
display information on the first child sa in the status command seems
to be misleading.

Paul