[Swan] Options for Windows clients

Manfred mx2927 at gmail.com
Tue Dec 29 20:29:35 UTC 2020

On 12/29/2020 4:31 AM, Paul Wouters wrote:
> On Mon, 28 Dec 2020, Alex wrote:
>> How can I tell what type of cert I'm using?
> openssl x509 -noout -text -in /your/cert.pem

If you used certutil to generate the certificate directly inside the NSS 
database, you may have to export first, or use something like:

    certutil -L -d sql:/etc/ipsec.d -n your_cert_nickname

See man certutil for details and instructions for use.

>>> One hint might be:
>>> Set-VpnConnectionIPsecConfiguration -ConnectionName "ikev2-cp"
>>> -AuthenticationTransformConstants SHA256128 -CipherTransformConstants
>>> AES256 -EncryptionMethod AES256 -IntegrityCheckMethod SHA256 -PfsGroup
>>> PFS2048 -DHGroup Group14 -PassThru -Force
>>> DH Group14 means MODP2048:
>>> https://www.iana.org/assignments/ikev2-parameters/ikev2-parameters.xhtml#ikev2-parameters-8
>> I've done this, and it appears to make no difference.

No difference means you get back to policy mismatch error or a dialog 
box asking for username and password? "it still doesn't work" doesn't 
say much.

>> There doesn't appear to be any further references to modp1024, but I
>> have no idea what to do next.

I don't see modp1024 either, which would mean something has changed.

>> Based on the strongswan page, I've added the following:
>>  ike=aes256-sha384-prfsha384-modp2048
>>  esp=aes256gcm16-modp2048
> strongswan is not fullt compatible with libreswan. the ike= and esp=
> line take a different format. The above two strongswan lines translate
> to libreswan as:
>    ike=aes256-sha2_384;modp2048
>    esp=aes_gcm256;modp2048

I may add that these instructions define a single cipher set that is 
accepted; at first you may want to stick to the default set, which 
includes many different suites, and then refine to the single set that 
you want at a fine-tuning stage.

>> Can I ask you to review this pastebin output from an attempt to connect?
>> https://pastebin.com/D83HRJnW
>> This is with "plutodebug = all crypt". In addition to the
>> NO_PROPOSAL_CHOSEN messages, the highlights appear to include:

I've given a quick look, and I don't have much more to add to Paul's 
comment below (maybe "all crypt" is too much).

>> find_host_connection local= remote=
>> policy=ECDSA+IKEV2_ALLOW but ignoring ports
>> find_host_connection local= remote=
>> policy=RSASIG+IKEV2_ALLOW but ignoring ports
>> find_host_connection local= remote=
>> policy=PSK+IKEV2_ALLOW but ignoring ports
> This is just our debugging the loop over the existing authentication
> methods and IPs.
> It seems you do not have a connection loaded that satisfies all of these:
> - has ikev2=yes
> - uses left= (or left=%defaultroute) [provided you use left
>    as your local machine, and right for the remote machine options. if
>    you flipped that, you don't have a right= matching these]

I thought if left is the local machine it should use either 
%defaultroute or the /local/ address - I have copy-pasted the paragraph 
from the ipsec.conf manpage in one of my previous answers.

> - uses right= or right=%any
> - uses authby=ecdsa or authby=rsa or authby=secret (or a combination
>    thereof, or it is not set in which case the defaults would include rsa
>    and/or rsa+ecdsa depending on the version of libreswan)
> - an ike= line that matches the remote client proposal list (or the
>    client uses something that is not a default ike parameter when no ike=
>    line is specified)
> You might want to manually add the connection to see if it loads at all:
> ipsec auto --add yourconnname
> Paul

More information about the Swan mailing list