[Swan] Libreswan to Cisco IOS

John Serink jserink2004 at yahoo.com
Thu Dec 10 12:10:11 UTC 2020


 
  Hi All:
Further to this, I since searched the email lists and found that libreswan does NOT support asymmetric PSK keys. That is "very" disappointing since the ikev2 RFC supports this.
Any possibility of getting this added?Asymmetric keys are a step up from using a common key for all remote hosts.
Cheers,John
    On Wednesday, December 9, 2020, 10:11:21 PM GMT+8, John Serink <jserink2004 at yahoo.com> wrote:  
 
 Hi All:
My system:jserink at jserinki7 ~ $ ipsec --versionLinux Libreswan 3.29 (netkey) on 5.4.80-gentoo-r1
Cisco Version:Cisco IOS XE Software, Version 16.12.04Cisco IOS Software [Gibraltar], ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 16.12.4, RELEASE SOFTWARE (fc5)

I am trying to get a session working from my laptop to my IOS router using ikev2. I have it working using ikev1 fine but want to get it up using asymmetric keys to the Cisco.
Here is the my laptop end:jserinki7 /home/jserink # ipsec auto --up SOIUKUP2002 "SOIUKUP2" #1: initiating v2 parent SA133 "SOIUKUP2" #1: initiate002 "SOIUKUP2": constructed local IKE proposals for SOIUKUP2 (IKE SA initiator selecting KE): 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048133 "SOIUKUP2" #1: STATE_PARENT_I1: sent v2I1, expected v2R1002 "SOIUKUP2": constructed local ESP/AH proposals for SOIUKUP2 (IKE SA initiator emitting ESP/AH proposals): 1:ESP:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_256_128;DH=NONE;ESN=DISABLED134 "SOIUKUP2" #2: STATE_PARENT_I2: sent v2I2, expected v2R2 {auth=IKEv2 cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}002 "SOIUKUP2" #2: IKEv2 mode peer ID is ID_KEY_ID: '@#0x4343726f75746572'003 "SOIUKUP2" #2: AUTH mismatch: Received AUTH != computed AUTH002 "SOIUKUP2" #2: PSK Authentication failed: AUTH mismatch in R2 Auth Payload!036 "SOIUKUP2" #2: encountered fatal error in state STATE_PARENT_I2

According to ipsec, the connection failed. 
But look at the Cisco end:Dec  9 13:40:51.723: IKEv2:(SESSION ID = 95705,SA ID = 53):Get my authentication methodDec  9 13:40:51.723: IKEv2:(SESSION ID = 95705,SA ID = 53):My authentication method is 'PSK'Dec  9 13:40:51.723: IKEv2:(SESSION ID = 95705,SA ID = 53):Get peer's preshared key for jserinkDec  9 13:40:51.723: IKEv2:(SESSION ID = 95705,SA ID = 53):Generate my authentication dataDec  9 13:40:51.723: IKEv2:(SESSION ID = 95705,SA ID = 53):Use preshared key for id CCrouter, key len 36Dec  9 13:40:51.724: IKEv2:(SESSION ID = 95705,SA ID = 53):[IKEv2 -> Crypto Engine] Generate IKEv2 authentication dataDec  9 13:40:51.724: IKEv2:(SESSION ID = 95705,SA ID = 53):[Crypto Engine -> IKEv2] IKEv2 authentication data generation PASSEDDec  9 13:40:51.724: IKEv2:(SESSION ID = 95705,SA ID = 53):Get my authentication methodDec  9 13:40:51.724: IKEv2:(SESSION ID = 95705,SA ID = 53):My authentication method is 'PSK'Dec  9 13:40:51.724: IKEv2:(SESSION ID = 95705,SA ID = 53):Generating IKE_AUTH messageDec  9 13:40:51.724: IKEv2:(SESSION ID = 95705,SA ID = 53):Constructing IDr payload: 'CCrouter' of type 'key ID'Dec  9 13:40:51.724: IKEv2:(SESSION ID = 95705,SA ID = 53):ESP Proposal: 1, SPI size: 4 (IPSec negotiation), Num. transforms: 3   AES-CBC   SHA256   Don't use ESNDec  9 13:40:51.725: IKEv2:(SESSION ID = 95705,SA ID = 53):Building packet for encryption.  Payload contents:  VID IDr AUTH SA TSi TSr NOTIFY(SET_WINDOW_SIZE) NOTIFY(ESP_TFC_NO_SUPPORT) NOTIFY(NON_FIRST_FRAGS) 
Dec  9 13:40:51.725: IKEv2:(SESSION ID = 95705,SA ID = 53):Sending Packet [To 220.255.242.218:4500/From 103.205.244.106:4500/VRF i0:f0] Initiator SPI : FC31A66839097ABB - Responder SPI : D17B8C298659627C Message id: 1IKEv2 IKE_AUTH Exchange RESPONSE Payload contents:  ENCR 
Dec  9 13:40:51.726: IKEv2:(SESSION ID = 95705,SA ID = 53):IKEV2 SA created; inserting SA into database. SA lifetime timer (14400 sec) startedDec  9 13:40:51.726: IKEv2:(SESSION ID = 95705,SA ID = 53):Session with IKE ID PAIR (jserink, CCrouter) is UPDec  9 13:40:51.726: IKEv2:(SESSION ID = 95705,SA ID = 53):Initializing DPD, configured for 0 secondsDec  9 13:40:51.726: IKEv2:(SESSION ID = 0,SA ID = 0):IKEv2 MIB tunnel started, tunnel index 53Dec  9 13:40:51.726: IKEv2:(SESSION ID = 95705,SA ID = 53):Load IPSEC key materialDec  9 13:40:51.727: IKEv2:(SESSION ID = 95705,SA ID = 53):(SA ID = 53):[IKEv2 -> IPsec] Create IPsec SA into IPsec databaseDec  9 13:40:51.740: IKEv2:(SESSION ID = 95705,SA ID = 53):(SA ID = 53):[IPsec -> IKEv2] Creation of IPsec SA into IPsec database PASSEDDec  9 13:40:51.740: IKEv2:(SESSION ID = 95705,SA ID = 53):Checking for duplicate IKEv2 SADec  9 13:40:51.741: IKEv2:(SESSION ID = 95705,SA ID = 53):No duplicate IKEv2 SA foundDec  9 13:40:51.741: IKEv2:(SESSION ID = 95705,SA ID = 53):Starting timer (8 sec) to delete negotiation context

The Cisco is happy, it thinks the session is up and shows my laptop in the "sh crypto session br" listing.
Here is my "redacted" ipsec.conf:conn SOIUKUP2     keyingtries=0     left=%defaultroute     leftsourceip=2.2.22.22     leftsubnet=2.2.22.22/32     leftid=@[jserink]     leftauth=secret     rightauth=secret     ike=aes256-sha2;modp2048     phase2alg=aes256-sha2;modp2048     auto=add     type=tunnel     right=A.B.C.D     rightsubnet=1.1.1.10/32     rightsourceip=1.1.1.10     rightid=@[CCrouter]     fragmentation=yes     dpdtimeout=30     dpdaction=restart     ikev2=yes     pfs=yes


And the ipsec.secrets:@[jserink] : PSK "Here is my psk for jserink"@[CCrouter] : PSK "Here is my psk for CCrouter"include /etc/ipsec.d/*.secrets
Note I have a tap0 interface setup:jserinki7 /home/jserink # ip addr show tap04: tap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    link/ether 56:27:58:1b:bc:e9 brd ff:ff:ff:ff:ff:ff    inet 192.168.100.1/24 brd 192.168.100.255 scope global tap0       valid_lft forever preferred_lft forever    inet 2.2.22.22/32 scope global tap0       valid_lft forever preferred_lft forever    inet6 fe80::5427:58ff:fe1b:bce9/64 scope link        valid_lft forever preferred_lft forever
i use the tap0 2.2.22.22 and the Cisco loopback1 as my ipsec and gre endpoints.

Cisco end:no crypto ikev2 proposal defaultcrypto ikev2 proposal ikev2-prop-one  encryption aes-cbc-256 integrity sha256 group 14
crypto ikev2 policy SOIpolicy  proposal ikev2-prop-oneno crypto ikev2 policy default
crypto ikev2 keyring SOIkeyring
 peer jserink  identity key-id jserink  pre-shared-key remote Here is my psk for jserink !crypto ikev2 profile SOIprofile
 match identity remote key-id jserink
 identity local key-id CCrouter authentication remote pre-share authentication local pre-share key Here is my psk for CCrouter keyring local SOIkeyring lifetime 14400 dpd 30 2 on-demand nat force-encap initial-contact force
crypto ikev2 window 6crypto ikev2 fragmentation mtu 512
crypto dynamic-map mainmap 100 description Dynamic map for the CORS sites using ikev2 set security-association lifetime kilobytes disable set security-association lifetime seconds 14400 set transform-set mainset  set pfs group14 set ikev2-profile SOIprofile
crypto ipsec transform-set mainset esp-aes 256 esp-sha256-hmac  mode tunnel

crypto map soimainmap 100 ipsec-isakmp dynamic mainmap 

interface Loopback1 description new address to use for admin to avoid 1.1.1.1 ip address 1.1.1.10 255.255.255.255 no ip redirects no ip unreachables!


So, I've got 62 x Digi WR21s connected using IKEv2 currently on the system and am experimenting with using a small linux based router to replace the Digis as we're have NAT-T issues with the Digis and support problems.
Anyhow, so.....As above, the Cisco thinks we have negotiated a bunch of SAs....libreswan disagrees.Can anyone see where my configs for libreswan are wrong? I'm sure there are loads of mistakes.
Cheers,John




    
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20201210/aef1603e/attachment-0001.html>


More information about the Swan mailing list