[Swan] StrongSwan connectivity problems IKEv2 (Android/Linux)

bessonov.victor at e-queo.com bessonov.victor at e-queo.com
Wed Apr 25 14:24:04 UTC 2018 

Hello! It looks like there are some problems with StronSwan
connectivity. (I've tried both on Android and Linux) Or I'm doing
something wrong. I've set up everything as per instructions, I am able
to connect from Windows 10 native client, but connecting from
StrongSwan fails with logs like:

packet from 188.233.186.70:58230: roadwarriors IKE proposals for
initial responder:
1:IKE:ENCR=AES_GCM_C_256,AES_GCM_C_128;PRF=HMAC_SHA2_256;INTEG=NONE;DH=
ECP_256
2:IKE:ENCR=AES_CBC_256,AES_CBC_128;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_25
6_128;DH=ECP_256
3:IKE:ENCR=SERPENT_CBC_256,SERPENT_CBC_128;PRF=HMAC_SHA2_256;INTEG=HMAC
_SHA2_256_128;DH=ECP_256
4:IKE:ENCR=AES_CBC_256,AES_CBC_128;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_25
6_128;DH=MODP1024

packet from 188.233.186.70:58230: proposal
2:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_256;DH=ECP_256 chosen from:
1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=3DES;INTE
G=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INT
EG=HMAC_SHA1_96;INTEG=AES_XCBC_96;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;P
RF=HMAC_SHA2_512;PRF=AES128_XCBC;PRF=HMAC_SHA1;DH=ECP_256;DH=ECP_384;DH
=ECP_521;DH=BRAINPOOL_P256R1;DH=BRAINPOOL_P384R1;DH=BRAINPOOL_P512R1;DH
=CURVE25519;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=MODP2048[first-
match]
2:IKE:ENCR=AES_GCM_C_128;ENCR=AES_GCM_C_192;ENCR=AES_GCM_C_256;ENCR=CHA
CHA20_POLY1305_256;ENCR=AES_GCM_B_128;ENCR=AES_GCM_B_192;ENCR=AES_GCM_B
_256;ENCR=AES_GCM_A_128;ENCR=AES_GCM_A_192;ENCR=AES_GCM_A_256;PRF=HMAC_
SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=AES128_XCBC;PRF=HMAC_S
HA1;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=BRAINPOOL_P256R1;DH=BRAINPOOL_P
384R1;DH=BRAINPOOL_P512R1;DH=CURVE25519;DH=MODP3072;DH=MODP4096;DH=MODP
8192;DH=MODP2048[better-match]

"roadwarriors"[1] 188.233.186.70 #1: STATE_PARENT_R1: received v2I1,
sent v2R1 {auth=IKEv2 cipher=aes_gcm_16_256 integ=n/a prf=sha2_256
group=DH19}
"roadwarriors"[1] 188.233.186.70 #1: certificate verified OK:
C=RU,ST=Volgograd oblast,L=Volgograd,O=eQueo IPSec,OU=IT Dept.,CN=j.doe
"roadwarriors"[1] 188.233.186.70 #1: No matching subjectAltName found
"roadwarriors"[1] 188.233.186.70 #1: certificate does not contain ID_IP
subjectAltName=188.233.186.70
"roadwarriors"[1] 188.233.186.70 #1: Peer public key SubjectAltName
does not match peer ID for this connection
"roadwarriors"[1] 188.233.186.70 #1: switched from "roadwarriors"[1]
188.233.186.70 to "roadwarriors"
"roadwarriors"[2] 188.233.186.70 #1: deleting connection
"roadwarriors"[1] 188.233.186.70 instance with peer 188.233.186.70
{isakmp=#0/ipsec=#0}
"roadwarriors"[2] 188.233.186.70 #1: certificate verified OK:
C=RU,ST=Volgograd oblast,L=Volgograd,O=eQueo IPSec,OU=IT Dept.,CN=j.doe
"roadwarriors"[2] 188.233.186.70 #1: IKEv2 mode peer ID is
ID_DER_ASN1_DN: 'CN=j.doe, OU=IT Dept., O=eQueo IPSec, L=Volgograd,
ST=Volgograd oblast, C=RU'
"roadwarriors"[2] 188.233.186.70 #1: DigSig: no compatible DigSig hash
algo
| ikev2_parent_inI2outR2_tail returned STF_FAIL with
v2N_NO_PROPOSAL_CHOSEN
"roadwarriors"[2] 188.233.186.70 #1: sending unencrypted notification
v2N_NO_PROPOSAL_CHOSEN to 188.233.186.70:59155
packet from 188.233.186.70:59155: sending unencrypted notification
v2N_INVALID_IKE_SPI to 188.233.186.70:59155
packet from 188.233.186.70:59155: sending unencrypted notification
v2N_INVALID_IKE_SPI to 188.233.186.70:59155
packet from 188.233.186.70:59155: sending unencrypted notification
v2N_INVALID_IKE_SPI to 188.233.186.70:59155
packet from 188.233.186.70:59155: sending unencrypted notification
v2N_INVALID_IKE_SPI to 188.233.186.70:59155
packet from 188.233.186.70:59155: sending unencrypted notification
v2N_INVALID_IKE_SPI to 188.233.186.70:59155
packet from 188.233.186.70:59155: sending unencrypted notification
v2N_INVALID_IKE_SPI to 188.233.186.70:59155
packet from 188.233.186.70:59155: sending unencrypted notification
v2N_INVALID_IKE_SPI to 188.233.186.70:59155
packet from 188.233.186.70:59155: sending unencrypted notification
v2N_INVALID_IKE_SPI to 188.233.186.70:59155
packet from 188.233.186.70:59155: sending unencrypted notification
v2N_INVALID_IKE_SPI to 188.233.186.70:59155
packet from 188.233.186.70:59155: sending unencrypted notification
v2N_INVALID_IKE_SPI to 188.233.186.70:59155

The config is:

config setup
	protostack = netkey
        uniqueids = no

conn roadwarriors
        ikev2=insist
        mobike=yes
        fragmentation=yes
        narrowing=yes

        left=1.2.3.4
        leftsendcert=always
        leftsubnet=0.0.0.0/0
        leftcert="Main IPSec Gateway"
        leftid=%fromcert
        leftrsasigkey=%cert
        leftxauthserver=yes
        leftmodecfgserver=yes

        right=%any
        rightca=%same
        rightrsasigkey=%cert
        rightaddresspool=100.64.0.0-100.64.0.254
        rightxauthclient=yes
        rightmodecfgclient=yes
        
        modecfgdns="1.1.1.1,8.8.8.8"
        modecfgpull=yes

        ike=aes_gcm_c-sha2;dh19,aes-sha2;dh19,serpent-sha2;dh19,aes-
sha2;modp1024
        phase2=esp
        
        authby=rsasig
        xauthby=alwaysok
        
        auto=add
        rekey=no

        dpddelay=30

I am running CentOS 7 with libreswan 3.23 on "left" side.
Any ideas? Thanks!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5246 bytes
Desc: not available
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20180425/2c412f1a/attachment.bin>

More information about the Swan mailing list