[Swan] Roadwarrior and NAT

Phil Nightowl phil.nightowl at gmail.com
Fri Oct 15 12:48:09 UTC 2021


> Can you change auto=ondemand to auto=start ? On demand is a bit odd for 
> “all traffic”.

I did not know it had any impact on addressing. The original idea was that 
the connection to the server is not always necessary for the roadwarrior 
(e. g. when one just wants to quickly look up something on the web) and it 
saves some time and memory in that case.

But nevertheless, I changed that.

> Perhaps you also want to reduce the 0.0.0.0/0 to the range you want to 
> talk to at the server end. Eg in both server and client config.

Okay, I hope this is what you had in mind. The resulting configs are now:


> >>> A brief summary:
> >>> 
> >>> server --------------- NAT1 -------- internet --- NAT2 ------ roadwarrior
> >>> 172.16.0.129   172.16.0.254/1.2.3.4             10.0.0.x       10.0.0.y

> >>> Server (responder):
> >>> -------------------
> > conn roadw
conn kancl
     type=tunnel
     left=%defaultroute
     leftid=@server
     leftsubnet=172.16.0.0/24
     right=%any
     rightid=@roadw
     rightaddresspool=100.64.0.1-100.64.0.10
     narrowing=yes
     auto=add
     ikev2=insist
     authby=secret
     pfs=yes
     aggressive=no
     salifetime=1h
     negotiationshunt=hold
     failureshunt=drop
     rekey=no


> >>> Roadwarrior (initiator):
> >>> ------------------------
conn server
    left=%defaultroute
    leftid=@roadw
    right=185.99.177.173
    rightid=@server
    ikev2=insist
    auto=start
    authby=secret
    pfs=yes
    aggressive=no
    salifetime=1h
    negotiationshunt=hold
    failureshunt=drop
    narrowing=yes
    leftsubnet=0.0.0.0/0
    rightsubnet=172.16.0.0/24


This unfortunately again yields no IPsec connection that is brought fully up. And 
again, the handshake fails due to traffic selectors. This time it is even 
worse, at least security-wise, since pluto lets packets through in clear. 
This is the log, this time from the responder (IMO, it was more relevant 
this time):

pluto[3635]: | concluding with best_match=014 best=0x993cf0 (lineno=2)
pluto[3635]: | returning because exact peer id match
pluto[3635]: | offered CA: '%none'
pluto[3635]: "roadw"[1] 9.8.7.6 #1: IKEv2 mode peer ID is ID_FQDN: '@roadw'
pluto[3635]: | ikev2_calculate_psk_sighash() called from STATE_PARENT_R1 to verify PSK with authby=secret
pluto[3635]: | started looking for secret for @server->@roadw of kind PKK_PSK
pluto[3635]: | actually looking for secret for @server->@roadw of kind PKK_PSK
pluto[3635]: | line 2: key type PKK_PSK(@server) to type PKK_PSK
pluto[3635]: | 1: compared key 172.16.0.129 to @server / @roadw -> 000
pluto[3635]: | 2: compared key 10.0.0.13 to @server / @roadw -> 000
pluto[3635]: | 3: compared key @roadw to @server / @roadw -> 004
pluto[3635]: | 4: compared key @server to @server / @roadw -> 014
pluto[3635]: | 5: compared key 1.2.3.4 to @server / @roadw -> 014
pluto[3635]: | 6: compared key 9.8.7.6 to @server / @roadw -> 014
pluto[3635]: | line 2: match=014
pluto[3635]: | match 014 beats previous best_match 000 match=0x993cf0 (line=2)
pluto[3635]: | concluding with best_match=014 best=0x993cf0 (lineno=2)
pluto[3635]: "roadw"[1] 9.8.7.6 #1: Authenticated using authby=secret
pluto[3635]: | parent state #1: STATE_PARENT_R1(half-open-ike) => STATE_PARENT_R2(established-authenticated-ike)
pluto[3635]: | ignore states: 0
pluto[3635]: | half-open-ike states: 0
pluto[3635]: | open-ike states: 0
pluto[3635]: | established-anonymous-ike states: 0
pluto[3635]: | established-authenticated-ike states: 1
pluto[3635]: | anonymous-ipsec states: 0
pluto[3635]: | authenticated-ipsec states: 0
pluto[3635]: | informational states: 0
pluto[3635]: | unknown states: 0
pluto[3635]: | category states: 1 count states: 1
pluto[3635]: | ikev2_replace_delay() picked up estblished ike_life:3600
pluto[3635]: | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted
pluto[3635]: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe at 0x9990d8
pluto[3635]: | event_schedule: new EVENT_SA_EXPIRE-pe at 0x9990d8
pluto[3635]: | inserting event EVENT_SA_EXPIRE, timeout in 3330.000 seconds for #1
pluto[3635]: | **emit ISAKMP Message:
pluto[3635]: |    initiator cookie:
pluto[3635]: |   1e a3 63 5b  40 6a f2 a3
pluto[3635]: |    responder cookie:
pluto[3635]: |   0a 32 2d e2  c5 8a e9 03
pluto[3635]: |    next payload type: ISAKMP_NEXT_v2SK (0x2e)
pluto[3635]: |    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
pluto[3635]: |    exchange type: ISAKMP_v2_AUTH (0x23)
pluto[3635]: |    flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
pluto[3635]: |    message ID:  00 00 00 01
pluto[3635]: | next payload type: saving message location 'ISAKMP Message'.'next payload type'
pluto[3635]: | IKEv2 CERT: send a certificate?
pluto[3635]: | IKEv2 CERT: policy does not have RSASIG or ECDSA: PSK
pluto[3635]: | next payload type: previous 'ISAKMP Message'.'next payload type' matches 'IKEv2 Encryption Payload' (46:ISAKMP_NEXT_v2SK)
pluto[3635]: | ***emit IKEv2 Encryption Payload:
pluto[3635]: |    next payload type: ISAKMP_NEXT_v2IDr (0x24)
pluto[3635]: |    flags: none (0x0)
pluto[3635]: | next payload type: saving message location 'IKEv2 Encryption Payload'.'next payload type'
pluto[3635]: | emitting 8 raw bytes of IV into IKEv2 Encryption Payload
pluto[3635]: | IV  e9 43 12 65  b1 8f 99 9c
pluto[3635]: | ****emit IKEv2 encrypted portion:
pluto[3635]: | next payload type: previous 'IKEv2 Encryption Payload'.'next payload type' matches 'IKEv2 Identification - Responder - Payload>
pluto[3635]: | *****emit IKEv2 Identification - Responder - Payload:
pluto[3635]: |    next payload type: ISAKMP_NEXT_v2NONE (0x0)
pluto[3635]: |    flags: none (0x0)
pluto[3635]: |    ID type: ID_FQDN (0x2)
pluto[3635]: | next payload type: saving payload location 'IKEv2 Identification - Responder - Payload'.'next payload type'
pluto[3635]: | emitting 7 raw bytes of my identity into IKEv2 Identification - Responder - Payload
pluto[3635]: | my identity  73 .. .. 
pluto[3635]: | emitting length of IKEv2 Identification - Responder - Payload: 15
pluto[3635]: | assembled IDr payload
pluto[3635]: | CHILD SA proposals received
pluto[3635]: | going to assemble AUTH payload
pluto[3635]: | next payload type: setting 'IKEv2 Identification - Responder - Payload'.'next payload type' to IKEv2 Authentication Payload (3>
pluto[3635]: | *****emit IKEv2 Authentication Payload:
pluto[3635]: |    next payload type: ISAKMP_NEXT_v2SA (0x21)
pluto[3635]: |    flags: none (0x0)
pluto[3635]: |    auth method: IKEv2_AUTH_SHARED (0x2)
pluto[3635]: | next payload type: saving payload location 'IKEv2 Authentication Payload'.'next payload type'
pluto[3635]: | ikev2_calculate_psk_sighash() called from STATE_PARENT_R2 to create PSK with authby=secret
pluto[3635]: | started looking for secret for @server->@roadw of kind PKK_PSK
pluto[3635]: | actually looking for secret for @server->@roadw of kind PKK_PSK
pluto[3635]: | line 2: key type PKK_PSK(@server) to type PKK_PSK
pluto[3635]: | 1: compared key 172.16.0.129 to @server / @roadw -> 000
pluto[3635]: | 2: compared key 10.0.0.13 to @server / @roadw -> 000
pluto[3635]: | 3: compared key @roadw to @server / @roadw -> 004
pluto[3635]: | 4: compared key @server to @server / @roadw -> 014
pluto[3635]: | 5: compared key 1.2.3.4 to @server / @roadw -> 014
pluto[3635]: | 6: compared key 9.8.7.6 to @server / @roadw -> 014
pluto[3635]: | line 2: match=014
pluto[3635]: | match 014 beats previous best_match 000 match=0x993cf0 (line=2)
pluto[3635]: | concluding with best_match=014 best=0x993cf0 (lineno=2)
pluto[3635]: | emitting 64 raw bytes of PSK auth into IKEv2 Authentication Payload
pluto[3635]: | PSK auth  8d e8 ..
pluto[3635]: | PSK auth  4c 99 ..
pluto[3635]: | PSK auth  48 18 ..
pluto[3635]: | PSK auth  37 0e ..
pluto[3635]: | emitting length of IKEv2 Authentication Payload: 72
pluto[3635]: | TS: parse initiator traffic selectors
pluto[3635]: | ***parse IKEv2 Traffic Selector:
pluto[3635]: |    TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7)
pluto[3635]: |    IP Protocol ID: 0 (0x0)
pluto[3635]: |    length: 16 (0x10)
pluto[3635]: |    start port: 0 (0x0)
pluto[3635]: |    end port: 65535 (0xffff)
pluto[3635]: | parsing 4 raw bytes of IKEv2 Traffic Selector into ipv4 ts low
pluto[3635]: | ipv4 ts low  00 00 00 00
pluto[3635]: | parsing 4 raw bytes of IKEv2 Traffic Selector into ipv4 ts high
pluto[3635]: | ipv4 ts high  ff ff ff ff
pluto[3635]: | TS: parse responder traffic selectors
pluto[3635]: | ***parse IKEv2 Traffic Selector:
pluto[3635]: |    TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7)
pluto[3635]: |    IP Protocol ID: 0 (0x0)
pluto[3635]: |    length: 16 (0x10)
pluto[3635]: |    start port: 0 (0x0)
pluto[3635]: |    end port: 65535 (0xffff)
pluto[3635]: | parsing 4 raw bytes of IKEv2 Traffic Selector into ipv4 ts low
pluto[3635]: | ipv4 ts low  c0 a8 85 00
pluto[3635]: | parsing 4 raw bytes of IKEv2 Traffic Selector into ipv4 ts high
pluto[3635]: | ipv4 ts high  c0 a8 85 ff
pluto[3635]: |   ikev2_evaluate_connection_fit evaluating our conn="roadw"[1] 9.8.7.6 I=9.8.7.6/32:0/0 R=172.16.0.0/24:0/0  to their:
pluto[3635]: |     tsi[0]=0.0.0.0-255.255.255.255 proto=0 portrange 0-65535, tsr[0]=172.16.0.0-172.16.0.255 proto=0 portrange 0-65535
pluto[3635]: | prefix fitness rejected c roadw c->name
pluto[3635]: | find_host_pair: comparing 172.16.0.129:500 to 0.0.0.0:500
pluto[3635]: | find_host_pair: comparing 172.16.0.129:500 to 9.8.7.6:500
pluto[3635]: |   checking hostpair 172.16.0.0/24 -> 9.8.7.6/32 is found
pluto[3635]: |    match_id a=@roadw
pluto[3635]: |             b=@roadw
pluto[3635]: |    results  matched
pluto[3635]: | investigating connection "roadw" as a better match
pluto[3635]: |   ikev2_evaluate_connection_fit evaluating our conn="roadw"[1] 9.8.7.6 I=9.8.7.6/32:0/0 R=172.16.0.0/24:0/0  to their:
pluto[3635]: |     tsi[0]=0.0.0.0-255.255.255.255 proto=0 portrange 0-65535, tsr[0]=172.16.0.0-172.16.0.255 proto=0 portrange 0-65535
pluto[3635]: | prefix fitness rejected d roadw
pluto[3635]: | connection "roadw-ssh-pass" does not match IDs or CA of current connection "roadw"
pluto[3635]: | we did not switch connection
pluto[3635]: | failed to find anything; can we instantiate another template?
pluto[3635]: | ikev2_child_sa_respond returned STF_FAIL+v2N_TS_UNACCEPTABLE
pluto[3635]: | ikev2_parent_inI2outR2_continue_tail returned STF_FAIL+v2N_TS_UNACCEPTABLE
pluto[3635]: | processing: [RE]START state #1 connection "roadw"[1] 9.8.7.6 9.8.7.6:4500 (in complete_v2_state_transition() at ikev2.c:2788)
pluto[3635]: | #1 complete v2 state transition from STATE_PARENT_R2 with STF_FAIL+v2N_TS_UNACCEPTABLE
pluto[3635]: | sending a notification reply
pluto[3635]: "roadw"[1] 9.8.7.6 #1: responding to AUTH message (ID 1) from 9.8.7.6:4500 with encrypted notification TS_UNACCEPTABLE
pluto[3635]: | Opening output PBS encrypted notification
pluto[3635]: | **emit ISAKMP Message:
pluto[3635]: |    initiator cookie:
pluto[3635]: |   1e a3 63 5b  40 6a f2 a3
pluto[3635]: |    responder cookie:
pluto[3635]: |   0a 32 2d e2  c5 8a e9 03
pluto[3635]: |    next payload type: ISAKMP_NEXT_NONE (0x0)
pluto[3635]: |    ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
pluto[3635]: |    exchange type: ISAKMP_v2_AUTH (0x23)
pluto[3635]: |    flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
pluto[3635]: |    message ID:  00 00 00 01
pluto[3635]: | next payload type: saving message location 'ISAKMP Message'.'next payload type'
pluto[3635]: | next payload type: setting 'ISAKMP Message'.'next payload type' to IKEv2 Encryption Payload (46:ISAKMP_NEXT_v2SK)
pluto[3635]: | ***emit IKEv2 Encryption Payload:
pluto[3635]: |    next payload type: ISAKMP_NEXT_v2NONE (0x0)
pluto[3635]: |    flags: none (0x0)
pluto[3635]: | next payload type: saving message location 'IKEv2 Encryption Payload'.'next payload type'
pluto[3635]: | emitting 8 raw bytes of IV into IKEv2 Encryption Payload
pluto[3635]: | IV  8f 79 5d 6d  ca 93 a3 40
pluto[3635]: | Adding a v2N Payload
pluto[3635]: | next payload type: setting 'IKEv2 Encryption Payload'.'next payload type' to IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N)
pluto[3635]: | ****emit IKEv2 Notify Payload:
pluto[3635]: |    next payload type: ISAKMP_NEXT_v2NONE (0x0)
pluto[3635]: |    flags: none (0x0)
pluto[3635]: |    Protocol ID: PROTO_v2_RESERVED (0x0)
pluto[3635]: |    SPI size: 0 (0x0)
pluto[3635]: |    Notify Message Type: v2N_TS_UNACCEPTABLE (0x26)
pluto[3635]: | next payload type: saving payload location 'IKEv2 Notify Payload'.'next payload type'
pluto[3635]: | emitting length of IKEv2 Notify Payload: 8
pluto[3635]: | adding 1 bytes of padding (including 1 byte padding-length)
pluto[3635]: | emitting 1 raw bytes of padding and length into IKEv2 Encryption Payload
pluto[3635]: | padding and length  00
pluto[3635]: | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload
pluto[3635]: | emitting length of IKEv2 Encryption Payload: 37
pluto[3635]: | emitting length of ISAKMP Message: 65
pluto[3635]: | sending 69 bytes for v2 notify through eth2:4500 to 9.8.7.6:4500 (using #1)
pluto[3635]: |   00 00 00 00  1e a3 63 5b  40 6a f2 a3  0a 32 2d e2
pluto[3635]: |   c5 8a e9 03  2e 20 23 20  00 00 00 01  00 00 00 41
pluto[3635]: |   29 00 00 25  8f 79 5d 6d  ca 93 a3 40  1a c8 ae 02
pluto[3635]: |   c0 f4 f9 e7  05 31 71 d9  6b d9 6e 46  00 7c 31 85
pluto[3635]: |   0c 87 e0 64  4c
pluto[3635]: | state #1 requesting EVENT_SA_EXPIRE to be deleted
pluto[3635]: | free_event_entry: release EVENT_SA_EXPIRE-pe at 0x9990d8
pluto[3635]: | event_schedule: new EVENT_v2_RESPONDER_TIMEOUT-pe at 0x9990d8


Any hints? I am even more puzzled than before.

Many thanks,

Phil
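Added example (not from the post above and not libreswan code): it decodes the two IKEv2 traffic selectors the responder log prints and checks them against the conn instance selectors the same log shows, "I=9.8.7.6/32 R=172.16.0.0/24". It reports, per selector, whether the peer's proposal fits strictly inside the local selector and what an RFC 7296 section 2.9 narrowing (intersection) would yield; the selector bytes are constructed to match the decoded tsi[0]/tsr[0] summary line in the log.

```python
import ipaddress
import struct
from typing import NamedTuple, Optional, Tuple

IPv4 = ipaddress.IPv4Address
TS_IPV4_ADDR_RANGE = 7  # the TS type the log prints as IKEv2_TS_IPV4_ADDR_RANGE (0x7)

class TrafficSelector(NamedTuple):
    proto: int
    start_port: int
    end_port: int
    low: IPv4
    high: IPv4

def parse_ts(buf: bytes) -> TrafficSelector:
    """Decode one TS_IPV4_ADDR_RANGE selector (RFC 7296 section 3.13.1):
    type(1) proto(1) length(2) start_port(2) end_port(2) low(4) high(4)."""
    ts_type, proto, length, sp, ep = struct.unpack("!BBHHH", buf[:8])
    if ts_type != TS_IPV4_ADDR_RANGE or length != 16 or len(buf) < 16:
        raise ValueError("only a 16-byte TS_IPV4_ADDR_RANGE selector is handled")
    return TrafficSelector(proto, sp, ep, IPv4(buf[8:12]), IPv4(buf[12:16]))

def fits_within(ts: TrafficSelector, ours: ipaddress.IPv4Network) -> bool:
    """Strict fit: the peer's entire proposed range lies inside our selector."""
    return ours[0] <= ts.low and ts.high <= ours[-1]

def narrow_to(ts: TrafficSelector, ours: ipaddress.IPv4Network) -> Optional[Tuple[IPv4, IPv4]]:
    """RFC 7296 section 2.9 narrowing: intersect the proposed range with our
    selector; None means no overlap, i.e. the responder must answer TS_UNACCEPTABLE."""
    lo, hi = max(ts.low, ours[0]), min(ts.high, ours[-1])
    return (lo, hi) if lo <= hi else None

# Constructed bytes matching the decoded tsi[0]/tsr[0] line of the log:
# tsi 0.0.0.0-255.255.255.255 and tsr 172.16.0.0-172.16.0.255, proto 0, ports 0-65535.
TSI_BYTES = bytes.fromhex("07000010 0000ffff 00000000 ffffffff")
TSR_BYTES = bytes.fromhex("07000010 0000ffff ac100000 ac1000ff")
CONN_I = ipaddress.ip_network("9.8.7.6/32")     # responder's view of the peer, from the log
CONN_R = ipaddress.ip_network("172.16.0.0/24")  # leftsubnet of the server conn

def evaluate(tsi_bytes: bytes, tsr_bytes: bytes) -> dict:
    """Per selector: does it fit strictly, and what would narrowing produce?"""
    tsi, tsr = parse_ts(tsi_bytes), parse_ts(tsr_bytes)
    return {
        "tsi_fits": fits_within(tsi, CONN_I), "tsi_narrowed": narrow_to(tsi, CONN_I),
        "tsr_fits": fits_within(tsr, CONN_R), "tsr_narrowed": narrow_to(tsr, CONN_R),
    }

if __name__ == "__main__":
    for key, value in evaluate(TSI_BYTES, TSR_BYTES).items():
        print(f"{key}: {value}")
```

The TSi proposed as 0.0.0.0/0 does not fit inside the /32 the responder holds for this peer, although it could be narrowed to it; the TSr fits exactly.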

