[Swan] Libreswan 4.3 | Failing with dropping unexpected IKE_SA_INIT message containing NO_PROPOSAL_CHOSEN notification

Blue Aquan blueaquan at zuwissen.com
Thu Mar 25 17:41:08 UTC 2021 

Hi Paul	I made the changes as suggested by you and there's progress, I
see the tunnel is getting established now, but no communication is
happening between the client and Server. By the way this tunnel I am
looking at establishing is between my laptop running CentOS 8 at home
and a CentOS 8 gateway at office which as I mentioned earlier has site-
to-site VPN established successfully to 4 other locations using
Libreswan.  As of now, I am only looking at accessing resources behind
this gateway, eventually the intention is to access all those 4
locations the gateway is talking to.
As of now, the changes and logs look like this
Server side. Replaced Server's public Ip with 1.2.3.4
conn MOBILE	left=1.2.3.4    	leftsubnet=192.168.0.0/24    	
leftcert=europa.abc.com    	leftid=@europa.abc.com    	leftrsa
sigkey=%cert    	leftsendcert=always    	right=%any    	rightsu
bnet=0.0.0.0/0    	rightca=%same    	rightrsasigkey=%cert   
 	auto=add    	dpddelay=60    	dpdtimeout=300    	dpdacti
on=clear    	ikev2=insist	narrowing=yes	fragmentation=yes    	
type=tunnel

Client side
conn EUROPA	left=%defaultroute	leftcert=ceres.xyz.com	leftid=
%fromcert	leftrsasigkey=%cert	leftsubnet=10.10.128.0/24	
leftmodecfgclient=yes	right=1.2.3.4	rightsubnet=192.168.0.0/24	
rightid=@europa.abc.com	rightrsasigkey=%cert	ikev2=insist	rekey=y
es	fragmentation=yes	narrowing=yes	mobike=yes	auto=ad
d

On the client side when an attempt is made.
# ipsec auto --up EUROPA181 "EUROPA"[2] 1.2.3.4 #5: initiating IKEv2
connection181 "EUROPA"[2] 1.2.3.4 #5: sent IKE_SA_INIT request182
"EUROPA"[2] 1.2.3.4 #5: sent IKE_AUTH request {auth=IKEv2
cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048}002
"EUROPA"[2] 1.2.3.4 #5: certificate verified OK:
O=Europa,CN=europa.abc.com002 "EUROPA"[2] 1.2.3.4 #5: IKEv2 mode peer
ID is ID_FQDN: '@europa.abc.com'003 "EUROPA"[2] 1.2.3.4 #5:
authenticated using RSA with SHA2_512003 "EUROPA"[2] 1.2.3.4 #6:
missing v2CP reply, not attempting to setup child SA214 "EUROPA"[2]
1.2.3.4 #6: state transition 'Initiator: process IKE_AUTH response'
failed with v2N_NO_PROPOSAL_CHOSEN002 "EUROPA"[2] 1.2.3.4 #6: deleting
state (STATE_PARENT_I2) aged 60.09774s and NOT sending notification


On the Server side, /var/log/pluto.log shows this. Replaced my public
IP with 6.7.8.9
Mar 25 20:18:03.398343: "MOBILE"[3] 6.7.8.9: local IKE proposals (IKE
SA responder matching remote proposals): Mar 25 20:18:03.398376:
"MOBILE"[3] 6.7.8.9:   1:IKE=AES_GCM_C_256-HMAC_SHA2_512+HMAC_SHA2_256-
NONE-
MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519M
ar 25 20:18:03.398381: "MOBILE"[3] 6.7.8.9:   2:IKE=AES_GCM_C_128-
HMAC_SHA2_512+HMAC_SHA2_256-NONE-
MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519M
ar 25 20:18:03.398385: "MOBILE"[3] 6.7.8.9:   3:IKE=AES_CBC_256-
HMAC_SHA2_512+HMAC_SHA2_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-
MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519M
ar 25 20:18:03.398403: "MOBILE"[3] 6.7.8.9:   4:IKE=AES_CBC_128-
HMAC_SHA2_512+HMAC_SHA2_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-
MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519M
ar 25 20:18:03.398418: "MOBILE"[3] 6.7.8.9 #9: proposal
1:IKE=AES_GCM_C_256-HMAC_SHA2_512-MODP2048 chosen from remote proposals
1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP204
8;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;
DH=CURVE25519[first-match]
2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP204
8;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;
DH=CURVE25519
3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_S
HA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096
;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519
4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_S
HA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096
;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519Mar 25
20:18:03.399828: "MOBILE"[3] 6.7.8.9 #9: sent IKE_SA_INIT reply
{auth=IKEv2 cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512
group=MODP2048}Mar 25 20:18:03.452119: "MOBILE"[3] 6.7.8.9 #9:
processing decrypted IKE_AUTH request:
SK{IDi,CERT,IDr,AUTH,CP,SA,TSi,TSr,N}Mar 25 20:18:03.452836:
"MOBILE"[3] 6.7.8.9 #9: certificate verified OK:
O=Europa,CN=ceres.xyz.comMar 25 20:18:03.452857: "MOBILE"[3] 6.7.8.9
#9: certificate subjectAltName extension does not match ID_IPV4_ADDR
'6.7.8.9'Mar 25 20:18:03.452862: "MOBILE"[3] 6.7.8.9 #9: Peer CERT
payload SubjectAltName does not match peer ID for this connectionMar 25
20:18:03.452880: "MOBILE"[3] 6.7.8.9 #9: X509: connection failed due to
unmatched IKE ID in certificate SANMar 25 20:18:03.452935: "MOBILE"[3]
6.7.8.9 #9: switched from "MOBILE"[3] 6.7.8.9 to "MOBILE"Mar 25
20:18:03.452949: "MOBILE"[3] 6.7.8.9: deleting connection instance with
peer 6.7.8.9 {isakmp=#0/ipsec=#0}Mar 25 20:18:03.452964: "MOBILE"[4]
6.7.8.9 #9: IKEv2 mode peer ID is ID_DER_ASN1_DN: 'CN=ceres.xyz.com,
O=Europa'Mar 25 20:18:03.453185: "MOBILE"[4] 6.7.8.9 #9: authenticated
using RSA with SHA2_512Mar 25 20:18:03.461603: "MOBILE"[4] 6.7.8.9:
local ESP/AH proposals (IKE_AUTH responder matching remote ESP/AH
proposals): Mar 25 20:18:03.461622: "MOBILE"[4]
6.7.8.9:   1:ESP=AES_GCM_C_256-NONE-NONE-DISABLEDMar 25
20:18:03.461626: "MOBILE"[4] 6.7.8.9:   2:ESP=AES_GCM_C_128-NONE-NONE-
DISABLEDMar 25 20:18:03.461630: "MOBILE"[4]
6.7.8.9:   3:ESP=AES_CBC_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-NONE-
DISABLEDMar 25 20:18:03.461633: "MOBILE"[4]
6.7.8.9:   4:ESP=AES_CBC_128-HMAC_SHA2_512_256+HMAC_SHA2_256_128-NONE-
DISABLEDMar 25 20:18:03.461642: "MOBILE"[4] 6.7.8.9 #10: proposal
1:ESP=AES_GCM_C_256-DISABLED SPI=7f84b6fd chosen from remote proposals
1:ESP:ENCR=AES_GCM_C_256;ESN=DISABLED[first-match]
2:ESP:ENCR=AES_GCM_C_128;ESN=DISABLED
3:ESP:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;
ESN=DISABLED
4:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;
ESN=DISABLEDMar 25 20:18:03.494155: "MOBILE"[4] 6.7.8.9 #10: negotiated
connection [192.168.0.0-192.168.0.255:0-65535 0] -> [0.0.0.0-
255.255.255.255:0-65535 0]Mar 25 20:18:03.494182: "MOBILE"[4] 6.7.8.9
#10: IPsec SA established tunnel mode {ESPinUDP=>0x7f84b6fd <0xd8d28ada
xfrm=AES_GCM_16_256-NONE NATOA=none NATD=6.7.8.9:28646 DPD=active}



Thanks, Best






On Wed, 2021-03-24 at 15:36 -0400, Paul Wouters wrote:
> On Thu, 25 Mar 2021, Blue Aquan wrote:
> > Server side
> > conn
> > MOBILE        left=europa.abc.com        leftsubnet=192.168.1.0/24
> >         right=%any        rightaddresspool=10.10.128.10-
> > 10.10.128.20
> 
> add leftid=@europa.abc.com
> 
> > Client side
> > conn
> > EUROPA        left=%defaultroute        leftsubnet=10.10.128.0/24  
> >       right=europa.abc.com        rightsubnet=192.168.1.0/24       
> >  rightid=@europa.abc.com
> 
> I cannot tell whether you want a tunnel established from
> 10.10.128.0/24 <-> 192.168.1.0/24Or that you want to hand out an
> addresspool to the client via rightaddresspool=
> If you meant a subnet to subnet, then on the conn MOBILE replace
> theaddresspool line with rightsubnet=10.10.128.0/24
> If you meant giving it a single IP, then remote
> therightsubnet=192.168.1.0/24 and add rightsubnet=0.0.0.0/0 with
> narrowing=yes
> Paul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20210325/41d41020/attachment.html>

More information about the Swan mailing list