[Swan] Possible to setup multiple connections, partly behind NAT?

Phil Nightowl phil.nightowl at gmail.com
Tue Feb 20 17:09:36 EET 2024


> > Should I remove the leftsubnet/rightsubnet options altogether?
> 
> Yes.

So I did. It did not help on its own. To further simplify things and 
to avoid the issue with the mysterious connection switching, I temporarily 
disabled the ipsec connections on 192.168.1.0 (i.e. the conn privlan).

After doing that, I tried to connect from remotehost1.privlan to 
server.privlan - which now should basically be a quite common host-to-host 
connection with NAT in between.

On remotehost1.privlan I get:
================
< ... >
pluto[22373]: using Linux xfrm kernel support code on #1 SMP PREEMPT_DYNAMIC Debian 6.1.55-1~bpo11+1 (2023-10-08)
pluto[22373]: kernel: /proc/sys/net/ipv6/conf/all/disable_ipv6=1 ignore ipv6 holes
pluto[22373]: selinux support is NOT enabled.
pluto[22373]: systemd watchdog for ipsec service configured with timeout of 200000000 usecs
pluto[22373]: watchdog: sending probes every 100 secs
pluto[22373]: seccomp security for helper not supported
pluto[22373]: seccomp security not supported
pluto[22373]: seccomp security for helper not supported
pluto[22373]: "headq": loaded private key matching left certificate 'remotehost1'
pluto[22373]: "headq": added IKEv2 connection
pluto[22373]: "headq-ssh-pass": added passthrough connection
pluto[22373]: listening for IKE messages
pluto[22373]: Kernel supports NIC esp-hw-offload
pluto[22373]: adding UDP interface enp2s0 10.0.1.138:500
pluto[22373]: adding UDP interface enp2s0 10.0.1.138:4500
pluto[22373]: adding UDP interface lo 127.0.0.1:500
pluto[22373]: adding UDP interface lo 127.0.0.1:4500
pluto[22373]: forgetting secrets
pluto[22373]: loading secrets from "/etc/ipsec.secrets"
pluto[22373]: no secrets filename matched "/etc/ipsec.d/*.secrets"
pluto[22373]: "headq" #1: initiating IKEv2 connection
pluto[22373]: "headq": local IKE proposals (IKE SA initiator selecting KE):
pluto[22373]: "headq":   1:IKE=AES_GCM_C_256-HMAC_SHA2_512+HMAC_SHA2_256-NONE-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[22373]: "headq":   2:IKE=AES_GCM_C_128-HMAC_SHA2_512+HMAC_SHA2_256-NONE-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[22373]: "headq":   3:IKE=AES_CBC_256-HMAC_SHA2_512+HMAC_SHA2_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[22373]: "headq":   4:IKE=AES_CBC_128-HMAC_SHA2_512+HMAC_SHA2_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[22373]: "headq" #1: sent IKE_SA_INIT request
pluto[22373]: "headq" #1: reloaded private key matching left certificate 'remotehost1'
pluto[22373]: "headq": local ESP/AH proposals (IKE SA initiator emitting ESP/AH proposals):
pluto[22373]: "headq":   1:ESP=AES_GCM_C_256-NONE-NONE-DISABLED
pluto[22373]: "headq":   2:ESP=AES_GCM_C_128-NONE-NONE-DISABLED
pluto[22373]: "headq":   3:ESP=AES_CBC_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-NONE-DISABLED
pluto[22373]: "headq":   4:ESP=AES_CBC_128-HMAC_SHA2_512_256+HMAC_SHA2_256_128-NONE-DISABLED
pluto[22373]: "headq" #1: sent IKE_AUTH request {auth=IKEv2 cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048}
pluto[22373]: "headq" #2: STATE_PARENT_I2: retransmission; will wait 0.5 seconds for response
pluto[22373]: "headq" #2: STATE_PARENT_I2: retransmission; will wait 1 seconds for response
pluto[22373]: "headq" #2: STATE_PARENT_I2: retransmission; will wait 2 seconds for response
pluto[22373]: "headq" #2: dropping unexpected IKE_AUTH message containing TS_UNACCEPTABLE notification; message payloads: SKF; encrypted payloads: IDr,CERT,AUTH,N; unexpected payloads: IDr,CERT,AUTH
pluto[22373]: "headq" #2: encountered fatal error in state STATE_PARENT_I2
pluto[22373]: "headq" #2: deleting state (STATE_PARENT_I2) aged 2.547706s and NOT sending notification
pluto[22373]: "headq" #3: initiating IKEv2 connection to replace #1
pluto[22373]: "headq" #1: deleting state (STATE_PARENT_I2) aged 120.695834s and NOT sending notification
pluto[22373]: "headq" #1: deleting IKE SA but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS
pluto[22373]: "headq": initiating connection 'headq' with serial $1 which received a Delete/Notify but must remain up per local policy
pluto[22373]: "headq" #3: sent IKE_SA_INIT request
pluto[22373]: "headq" #3: sent IKE_AUTH request {auth=IKEv2 cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048}
pluto[22373]: "headq" #4: STATE_PARENT_I2: retransmission; will wait 0.5 seconds for response
pluto[22373]: "headq" #4: STATE_PARENT_I2: retransmission; will wait 1 seconds for response
pluto[22373]: "headq" #4: dropping unexpected IKE_AUTH message containing TS_UNACCEPTABLE notification; message payloads: SKF; encrypted payloads: IDr,CERT,AUTH,N; unexpected payloads: IDr,CERT,AUTH
pluto[22373]: "headq" #4: encountered fatal error in state STATE_PARENT_I2
pluto[22373]: "headq" #4: deleting state (STATE_PARENT_I2) aged 2.106168s and NOT sending notification

... and so on
================

On server.privlan, the log says:
================
< ... >
pluto[28051]: using Linux xfrm kernel support code on #1 SMP Debian 6.5.10-1~bpo12+1 (2023-11-23)
pluto[28051]: kernel: /proc/sys/net/ipv6/conf/all/disable_ipv6=1 ignore ipv6 holes
pluto[28051]: selinux support is NOT enabled.
pluto[28051]: systemd watchdog for ipsec service configured with timeout of 200000000 usecs
pluto[28051]: watchdog: sending probes every 100 secs
pluto[28051]: seccomp security not supported
pluto[28051]: "privlan-ssh": added passthrough connection
pluto[28051]: "remotesite": IKE SA proposals (connection add):
pluto[28051]: "remotesite":   1:IKE=AES_GCM_C_256-HMAC_SHA2_512+HMAC_SHA2_256-NONE-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[28051]: "remotesite":   2:IKE=AES_GCM_C_128-HMAC_SHA2_512+HMAC_SHA2_256-NONE-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[28051]: "remotesite":   3:IKE=AES_CBC_256-HMAC_SHA2_512+HMAC_SHA2_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[28051]: "remotesite":   4:IKE=AES_CBC_128-HMAC_SHA2_512+HMAC_SHA2_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[28051]: "remotesite": Child SA proposals (connection add):
pluto[28051]: "remotesite":   1:ESP=AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
pluto[28051]: "remotesite":   2:ESP=AES_GCM_C_128-NONE-NONE-ENABLED+DISABLED
pluto[28051]: "remotesite":   3:ESP=AES_CBC_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
pluto[28051]: "remotesite":   4:ESP=AES_CBC_128-HMAC_SHA2_512_256+HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
pluto[28051]: "remotesite": loaded private key matching left certificate 'server'
pluto[28051]: "remotesite": added IKEv2 connection
pluto[28051]: "remotesite-ssh": added passthrough connection
pluto[28051]: listening for IKE messages
pluto[28051]: Kernel supports NIC esp-hw-offload
pluto[28051]: adding UDP interface eth2 192.168.1.253:500
pluto[28051]: adding UDP interface eth2 192.168.1.253:4500
pluto[28051]: adding UDP interface lo 127.0.0.1:500
pluto[28051]: adding UDP interface lo 127.0.0.1:4500
pluto[28051]: forgetting secrets
pluto[28051]: loading secrets from "/etc/ipsec.secrets"
pluto[28051]: no secrets filename matched "/etc/ipsec.d/*.secrets"
pluto[28051]: EXPECTATION FAILED: peer_client->ipproto == transport_proto->ipproto (bare_shunt_ptr() +1395 /programs/pluto/kernel.c)
pluto[28051]: EXPECTATION FAILED: src_client_proto == dst_client_proto (raw_policy() +126 /programs/pluto/kernel_ops.c)
pluto[28051]: EXPECTATION FAILED: selector_protocol(*dst_client) == client_proto (xfrm_raw_policy() +536 /programs/pluto/kernel_xfrm.c)
pluto[28051]: EXPECTATION FAILED: src_client_proto == dst_client_proto (raw_policy() +126 /programs/pluto/kernel_ops.c)
pluto[28051]: EXPECTATION FAILED: selector_protocol(*dst_client) == client_proto (xfrm_raw_policy() +536 /programs/pluto/kernel_xfrm.c)
pluto[28051]: "remotesite" #1: proposal 1:IKE=AES_GCM_C_256-HMAC_SHA2_512-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519[first-match] 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519
pluto[28051]: "remotesite" #1: sent IKE_SA_INIT reply {cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048}
pluto[28051]: "remotesite" #1: processing decrypted IKE_AUTH request: SK{IDi,CERT,CERTREQ,AUTH,SA,TSi,TSr}
pluto[28051]: "remotesite" #1: reloaded private key matching left certificate 'server'
pluto[28051]: "remotesite" #1: responder established IKE SA; authenticated peer '8192-bit RSASSA-PSS with SHA2_512' digital signature using peer certificate 'C=GR, O=MyOrg, CN=remotehost1.privlan' issued by CA 'CN=MyOrg CA'
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #2: No IKEv2 connection found with compatible Traffic Selectors
pluto[28051]: "remotesite" #3: proposal 1:IKE=AES_GCM_C_256-HMAC_SHA2_512-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519[first-match] 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519
pluto[28051]: "remotesite" #3: sent IKE_SA_INIT reply {cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048}
pluto[28051]: "remotesite" #3: processing decrypted IKE_AUTH request: SK{IDi,CERT,CERTREQ,AUTH,SA,TSi,TSr}
pluto[28051]: "remotesite" #3: responder established IKE SA; authenticated peer '8192-bit RSASSA-PSS with SHA2_512' digital signature using peer certificate 'C=GR, O=MyOrg, CN=remotehost1.privlan' issued by CA 'CN=MyOrg CA'
pluto[28051]: "remotesite" #3: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #3: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #3: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #3: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1

... and so on
================

Any ideas? I do not really know where to start debugging. Messages like

	pluto[28051]: "remotesite" #3: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1

seem rather harmless to me, since I am seeing those on the server during 
connection setup for the (working) 192.168.1.0 network - and they do not 
seem to have any negative implications.

I am also quite regularly seeing "EXPECTATION FAILED: " messages, mostly 
during pluto shutdown.

So is the message about incompatible traffic selectors the right lead? And 
if so, do I need to get detailed debug logs? The current config is

on remotehost1:
================
conn headq
    left=%defaultroute
    leftcert=remotehost1
    leftid=%fromcert
    right=198.51.100.33
    rightid=%fromcert
    ikev2=insist
    auto=start
    authby=rsasig
    leftrsasigkey=%cert
    rightrsasigkey=%cert
    pfs=yes
    aggressive=no
    salifetime=1h
    negotiationshunt=hold
    failureshunt=drop
    rightca=%same
================

and on server:
================
conn remotesite
     left=%defaultroute
     right=203.0.113.55
     auto=add
     ikev2=yes
     authby=rsasig
     leftid=%fromcert
     rightid=%fromcert
     leftrsasigkey=%cert
     rightrsasigkey=%cert
     leftcert=pandora
     pfs=yes
     aggressive=no
     salifetime=1h
     negotiationshunt=hold
     failureshunt=drop
     rekey=no
================

Many thanks for any input!

Phil
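As an added example, not part of the original post and not Libreswan's own code, here is a small Python triage script for pluto logs like the two above. It parses each line into PID, connection name and IKE SA number, separates the repeated "discarding packet received during asynchronous work" noise from the traffic-selector failures (TS_UNACCEPTABLE on the initiator, "No IKEv2 connection found with compatible Traffic Selectors" on the responder), and reports per IKE SA what happened. The sample lines embedded in it are constructed, modelled on the quoted output; the severity labels and explanations are my own reading of the messages, not a classification that pluto itself emits.

```python
import re
from collections import Counter, defaultdict

# Constructed sample, modelled on the pluto lines quoted in the post (not a verbatim copy).
SAMPLE_LOG = """\
pluto[28051]: "remotesite" #1: sent IKE_SA_INIT reply {cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048}
pluto[28051]: "remotesite" #1: responder established IKE SA; authenticated peer '8192-bit RSASSA-PSS with SHA2_512' digital signature using peer certificate 'C=GR, O=MyOrg, CN=remotehost1.privlan' issued by CA 'CN=MyOrg CA'
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[28051]: "remotesite" #2: No IKEv2 connection found with compatible Traffic Selectors
pluto[28051]: EXPECTATION FAILED: src_client_proto == dst_client_proto (raw_policy() +126 /programs/pluto/kernel_ops.c)
pluto[22373]: "headq" #2: dropping unexpected IKE_AUTH message containing TS_UNACCEPTABLE notification; message payloads: SKF; encrypted payloads: IDr,CERT,AUTH,N; unexpected payloads: IDr,CERT,AUTH
pluto[22373]: "headq" #2: encountered fatal error in state STATE_PARENT_I2
"""

# pluto[<pid>]: "<conn>" #<sa>: <msg>   (conn and sa are both optional)
LINE_RE = re.compile(
    r'^pluto\[(?P<pid>\d+)\]: '
    r'(?:"(?P<conn>[^"]+)"(?: #(?P<sa>\d+))?: )?'
    r'(?P<msg>.*)$'
)

# Substring rules, most specific first. The explanations are the editor's reading
# of the messages, not text produced by pluto.
RULES = [
    ("TS_UNACCEPTABLE", "fatal",
     "responder rejected the proposed traffic selectors; no Child SA was created"),
    ("No IKEv2 connection found with compatible Traffic Selectors", "fatal",
     "no conn on this side matches the TSi/TSr the initiator sent"),
    ("encountered fatal error in state", "fatal",
     "SA torn down as a consequence of the failure logged just before it"),
    ("EXPECTATION FAILED", "warn",
     "internal pluto assertion; not a negotiation failure by itself"),
    ("discarding packet received during asynchronous work", "info",
     "retransmit arrived while pluto was busy; benign unless the SA never completes"),
    ("established IKE SA", "ok",
     "IKE_AUTH authentication succeeded; a later failure is in Child SA / TS selection"),
]

TS_MARKERS = ("TS_UNACCEPTABLE", "compatible Traffic Selectors")


def parse_line(line):
    """Split one pluto log line into pid, conn, sa and message; None if not a pluto line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {
        "pid": int(m["pid"]),
        "conn": m["conn"],
        "sa": int(m["sa"]) if m["sa"] else None,
        "msg": m["msg"],
    }


def classify(msg):
    """Return (severity, explanation) for a message, or None if no rule matches."""
    for needle, severity, why in RULES:
        if needle in msg:
            return severity, why
    return None


def sa_key(rec):
    """Group findings by '<conn> #<sa>', by conn alone, or 'global' for daemon-level lines."""
    if rec["conn"] and rec["sa"] is not None:
        return f'{rec["conn"]} #{rec["sa"]}'
    return rec["conn"] or "global"


def triage(text):
    """Classify every line and derive a verdict for the whole log excerpt."""
    counts = Counter()
    findings = defaultdict(list)
    ts_failure = False
    for raw in text.splitlines():
        rec = parse_line(raw)
        if rec is None:
            continue
        hit = classify(rec["msg"])
        if hit is None:
            counts["unclassified"] += 1
            continue
        severity, why = hit
        counts[severity] += 1
        findings[sa_key(rec)].append((severity, why, rec["msg"]))
        if any(marker in rec["msg"] for marker in TS_MARKERS):
            ts_failure = True
    if ts_failure:
        verdict = "traffic-selector-mismatch"
    elif counts["fatal"]:
        verdict = "fatal-other"
    elif counts["ok"]:
        verdict = "established"
    else:
        verdict = "inconclusive"
    return {"counts": counts, "findings": dict(findings), "verdict": verdict}


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("verdict:", result["verdict"], dict(result["counts"]))
    for key, items in result["findings"].items():
        for severity, why, msg in items:
            if severity != "info":   # keep the async-work noise out of the summary
                print(f"[{severity:5}] {key}: {why}")
```

Run against a real `journalctl -u ipsec` capture by feeding the text to `triage()`; the point of the grouping is that an IKE SA which reaches `ok` and is then followed by a TS failure on the next SA number tells you authentication is fine and the mismatch is in the traffic selectors, whereas a log with only `info` discards and no `ok` points at a different problem.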

