[Swan] Roadwarrior and NAT

Phil Nightowl phil.nightowl at gmail.com
Mon Oct 11 16:03:09 UTC 2021


Hello everyone!

I need roadwarrior access to a small server, which itself is behind a NAT, 
so there is NAT on both sides of the connection. However, neither party is 
performing the NAT itself - that is done by the respective gateways on both 
ends, which are on the other hand not involved in the ipsec connection. On 
the server, the NATting gateway is forwarding esp/ah, udp/500 and udp/4500 
to the server (responder).

A brief summary:

server --------------- NAT1 -------- internet --- NAT2 ------ roadwarrior
172.16.0.129   172.16.0.254/1.2.3.4             10.0.0.x       10.0.0.y


Both server and roadwarrior are going to use certificates in production; 
but to make debugging simpler, I temporarily switched to PSKs. The current 
configs are as follows:


Server (responder):
-------------------
conn roadw
     type=tunnel
     left=%defaultroute
     leftid=@server
     leftsubnet=0.0.0.0/0
     right=%any
     rightid=@roadw
     rightsubnet=vhost:%priv,%no
     auto=add
     ikev2=insist
     authby=secret
     pfs=yes
     aggressive=no
     salifetime=1h
     negotiationshunt=hold
     failureshunt=drop
     rekey=no


Roadwarrior (initiator):
------------------------
conn server
    left=%defaultroute
    leftid=@roadw
    right=1.2.3.4
    rightid=@server
    ikev2=insist
    auto=ondemand
    authby=secret
    pfs=yes
    aggressive=no
    salifetime=1h
    negotiationshunt=hold
    failureshunt=drop

I have left out two more conns, used solely to pass SSH traffic through 
without any ipsec processing.

With such configuration, I unfortunately cannot get the connection set up. 
When initiating a connection from the roadwarrior, the first handshake gets 
through as expected (v2i1, v2r1, v2i2), the port switch from 500 to 4500 is 
performed as well. The PSK authentication works, too. Following that, I am 
however getting an error on incorrect traffic selectors. This is the 
relevant snippet from the server's (responder's) pluto log:

pluto[15505]: "roadw"[1] 9.8.7.6 #1: Authenticated using authby=secret
pluto[15505]: | parent state #1: STATE_PARENT_R1(half-open-ike) => STATE_PARENT_R2(established-authenticated-ike)
pluto[15505]: | ignore states: 0
pluto[15505]: | half-open-ike states: 0
pluto[15505]: | open-ike states: 0
pluto[15505]: | established-anonymous-ike states: 0
pluto[15505]: | established-authenticated-ike states: 1
pluto[15505]: | anonymous-ipsec states: 0
pluto[15505]: | authenticated-ipsec states: 0
pluto[15505]: | informational states: 0
pluto[15505]: | unknown states: 0
pluto[15505]: | category states: 1 count states: 1
pluto[15505]: | ikev2_replace_delay() picked up estblished ike_life:3600
pluto[15505]: | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted
pluto[15505]: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe at 0x6ac078
pluto[15505]: | event_schedule: new EVENT_SA_EXPIRE-pe at 0x6ac078
pluto[15505]: | inserting event EVENT_SA_EXPIRE, timeout in 3330.000 seconds for #1
pluto[15505]: | **emit ISAKMP Message:
pluto[15505]: |    initiator cookie:
pluto[15505]: |   85 53 5d e4  77 82 6f 26
pluto[15505]: |    responder cookie:
pluto[15505]: |   65 e3 ad c8  cf 51 fe ff
pluto[15505]: |    next payload type: ISAKMP_NEXT_v2SK (0x2e)
pluto[15505]: |    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
pluto[15505]: |    exchange type: ISAKMP_v2_AUTH (0x23)
pluto[15505]: |    flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
pluto[15505]: |    message ID:  00 00 00 01
pluto[15505]: | next payload type: saving message location 'ISAKMP Message'.'next payload type'
pluto[15505]: | IKEv2 CERT: send a certificate?
pluto[15505]: | IKEv2 CERT: policy does not have RSASIG or ECDSA: PSK
pluto[15505]: | next payload type: previous 'ISAKMP Message'.'next payload type' matches 'IKEv2 Encryption Payload' (46:ISAKMP_NEXT_v2SK)
pluto[15505]: | ***emit IKEv2 Encryption Payload:
pluto[15505]: |    next payload type: ISAKMP_NEXT_v2IDr (0x24)
pluto[15505]: |    flags: none (0x0)
pluto[15505]: | next payload type: saving message location 'IKEv2 Encryption Payload'.'next payload type'
pluto[15505]: | emitting 8 raw bytes of IV into IKEv2 Encryption Payload
pluto[15505]: | IV  45 74 83 2d  43 0f 90 e6
pluto[15505]: | ****emit IKEv2 encrypted portion:
pluto[15505]: | next payload type: previous 'IKEv2 Encryption Payload'.'next payload type' matches 'IKEv2 Identification - Responder - Payload' (36:ISAKMP_NEXT_v2IDr)
pluto[15505]: | *****emit IKEv2 Identification - Responder - Payload:
pluto[15505]: |    next payload type: ISAKMP_NEXT_v2NONE (0x0)
pluto[15505]: |    flags: none (0x0)
pluto[15505]: |    ID type: ID_FQDN (0x2)
pluto[15505]: | next payload type: saving payload location 'IKEv2 Identification - Responder - Payload'.'next payload type'
pluto[15505]: | emitting 7 raw bytes of my identity into IKEv2 Identification - Responder - Payload
pluto[15505]: | my identity  70 61 6e 64  6f 72 61
pluto[15505]: | emitting length of IKEv2 Identification - Responder - Payload: 15
pluto[15505]: | assembled IDr payload
pluto[15505]: | CHILD SA proposals received
pluto[15505]: | going to assemble AUTH payload
pluto[15505]: | next payload type: setting 'IKEv2 Identification - Responder - Payload'.'next payload type' to IKEv2 Authentication Payload (39:ISAKMP_NEXT_v2AUTH)
pluto[15505]: | *****emit IKEv2 Authentication Payload:
pluto[15505]: |    next payload type: ISAKMP_NEXT_v2SA (0x21)
pluto[15505]: |    flags: none (0x0)
pluto[15505]: |    auth method: IKEv2_AUTH_SHARED (0x2)
pluto[15505]: | next payload type: saving payload location 'IKEv2 Authentication Payload'.'next payload type'
pluto[15505]: | ikev2_calculate_psk_sighash() called from STATE_PARENT_R2 to create PSK with authby=secret
pluto[15505]: | started looking for secret for @server->@roadw of kind PKK_PSK
pluto[15505]: | actually looking for secret for @server->@roadw of kind PKK_PSK
pluto[15505]: | line 2: key type PKK_PSK(@server) to type PKK_PSK
pluto[15505]: | 1: compared key 172.16.0.129 to @server / @roadw -> 000
pluto[15505]: | 2: compared key 10.0.0.13 to @server / @roadw -> 000
pluto[15505]: | 3: compared key @roadw to @server / @roadw -> 004
pluto[15505]: | 4: compared key @server to @server / @roadw -> 014
pluto[15505]: | 5: compared key 1.2.3.4 to @server / @roadw -> 014
pluto[15505]: | 6: compared key 9.8.7.6 to @server / @roadw -> 014
pluto[15505]: | line 2: match=014
pluto[15505]: | match 014 beats previous best_match 000 match=0x67ce08 (line=2)
pluto[15505]: | concluding with best_match=014 best=0x67ce08 (lineno=2)
pluto[15505]: | emitting 64 raw bytes of PSK auth into IKEv2 Authentication Payload
pluto[15505]: | PSK auth  0b 0c ...
pluto[15505]: | PSK auth  37 44 ...
pluto[15505]: | PSK auth  5c 8a ...
pluto[15505]: | PSK auth  91 09 ...
pluto[15505]: | emitting length of IKEv2 Authentication Payload: 72
pluto[15505]: | TS: parse initiator traffic selectors
pluto[15505]: | ***parse IKEv2 Traffic Selector:
pluto[15505]: |    TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7)
pluto[15505]: |    IP Protocol ID: 0 (0x0)
pluto[15505]: |    length: 16 (0x10)
pluto[15505]: |    start port: 0 (0x0)
pluto[15505]: |    end port: 65535 (0xffff)
pluto[15505]: | parsing 4 raw bytes of IKEv2 Traffic Selector into ipv4 ts low
pluto[15505]: | ipv4 ts low  0a 00 00 8a
pluto[15505]: | parsing 4 raw bytes of IKEv2 Traffic Selector into ipv4 ts high
pluto[15505]: | ipv4 ts high  0a 00 00 8a
pluto[15505]: | TS: parse responder traffic selectors
pluto[15505]: | ***parse IKEv2 Traffic Selector:
pluto[15505]: |    TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7)
pluto[15505]: |    IP Protocol ID: 0 (0x0)
pluto[15505]: |    length: 16 (0x10)
pluto[15505]: |    start port: 0 (0x0)
pluto[15505]: |    end port: 65535 (0xffff)
pluto[15505]: | parsing 4 raw bytes of IKEv2 Traffic Selector into ipv4 ts low
pluto[15505]: | ipv4 ts low  b9 63 b1 ad
pluto[15505]: | parsing 4 raw bytes of IKEv2 Traffic Selector into ipv4 ts high
pluto[15505]: | ipv4 ts high  b9 63 b1 ad
pluto[15505]: |   ikev2_evaluate_connection_fit evaluating our conn="roadw"[1] 9.8.7.6 I=0.0.0.0/32:0/0 R=0.0.0.0/0:0/0 (virt) to their:
pluto[15505]: |     tsi[0]=10.0.0.13-10.0.0.13 proto=0 portrange 0-65535, tsr[0]=1.2.3.4-1.2.3.4 proto=0 portrange 0-65535
pluto[15505]: | prefix fitness rejected c roadw c->name
pluto[15505]: | find_host_pair: comparing 172.16.0.129:500 to 0.0.0.0:500
pluto[15505]: | find_host_pair: comparing 172.16.0.129:500 to 9.8.7.6:500
pluto[15505]: |   checking hostpair 0.0.0.0/0 -> 0.0.0.0/32 is found
pluto[15505]: |    match_id a=@roadw
pluto[15505]: |             b=@roadw
pluto[15505]: |    results  matched
pluto[15505]: | investigating connection "roadw" as a better match
pluto[15505]: |   ikev2_evaluate_connection_fit evaluating our conn="roadw"[1] 9.8.7.6 I=0.0.0.0/32:0/0 R=0.0.0.0/0:0/0 (virt) to their:
pluto[15505]: |     tsi[0]=10.0.0.13-10.0.0.13 proto=0 portrange 0-65535, tsr[0]=1.2.3.4-1.2.3.4 proto=0 portrange 0-65535
pluto[15505]: | prefix fitness rejected d roadw
pluto[15505]: | connection "roadw-ssh-pass" does not match IDs or CA of current connection "roadw"
pluto[15505]: | we did not switch connection
pluto[15505]: | failed to find anything; can we instantiate another template?
pluto[15505]: | ikev2_child_sa_respond returned STF_FAIL+v2N_TS_UNACCEPTABLE
pluto[15505]: | ikev2_parent_inI2outR2_continue_tail returned STF_FAIL+v2N_TS_UNACCEPTABLE
pluto[15505]: | processing: [RE]START state #1 connection "roadw"[1] 9.8.7.6 9.8.7.6:4500 (in complete_v2_state_transition() at ikev2.c:2788)
pluto[15505]: | #1 complete v2 state transition from STATE_PARENT_R2 with STF_FAIL+v2N_TS_UNACCEPTABLE
pluto[15505]: | sending a notification reply
pluto[15505]: "roadw"[1] 9.8.7.6 #1: responding to AUTH message (ID 1) from 9.8.7.6:4500 with encrypted notification TS_UNACCEPTABLE

The 9.8.7.6 denotes the public IP of the NAT2 gw.

Does anyone see what can I do to get the traffic selectors right? If more 
information is necessary, what do I need to send?

Many thanks,

Phil


More information about the Swan mailing list