[Swan] Possible to setup multiple connections, partly behind NAT?

Phil Nightowl phil.nightowl at gmail.com
Thu Feb 22 23:03:30 EET 2024


> add narrowing=yes on the server as well.

Done. Unfortunately, it did not help completely, although a certain 
improvement can be observed. With only this change in the config, the server 
now reports:

systemd[1]: Starting ipsec.service - Internet Key Exchange (IKE) Protocol Daemon for IPsec...
< ... >
pluto[30425]: systemd watchdog for ipsec service configured with timeout of 200000000 usecs
pluto[30425]: watchdog: sending probes every 100 secs
pluto[30425]: helper(2) seccomp security for helper not supported
pluto[30425]: helper(1) seccomp security for helper not supported
pluto[30425]: seccomp security not supported
pluto[30425]: "privlan-ssh": added passthrough connection
pluto[30425]: "remotesite": IKE SA proposals (connection add):
pluto[30425]: "remotesite":   1:IKE=AES_GCM_C_256-HMAC_SHA2_512+HMAC_SHA2_256-NONE-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[30425]: "remotesite":   2:IKE=AES_GCM_C_128-HMAC_SHA2_512+HMAC_SHA2_256-NONE-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[30425]: "remotesite":   3:IKE=AES_CBC_256-HMAC_SHA2_512+HMAC_SHA2_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[30425]: "remotesite":   4:IKE=AES_CBC_128-HMAC_SHA2_512+HMAC_SHA2_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[30425]: "remotesite": Child SA proposals (connection add):
pluto[30425]: "remotesite":   1:ESP=AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
pluto[30425]: "remotesite":   2:ESP=AES_GCM_C_128-NONE-NONE-ENABLED+DISABLED
pluto[30425]: "remotesite":   3:ESP=AES_CBC_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
pluto[30425]: "remotesite":   4:ESP=AES_CBC_128-HMAC_SHA2_512_256+HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
pluto[30425]: "remotesite": loaded private key matching left certificate 'server'
pluto[30425]: "remotesite": added IKEv2 connection
pluto[30425]: "remotesite-ssh": added passthrough connection
pluto[30425]: listening for IKE messages
pluto[30425]: Kernel supports NIC esp-hw-offload
pluto[30425]: adding UDP interface eth2 192.168.1.253:500
pluto[30425]: adding UDP interface eth2 192.168.1.253:4500
pluto[30425]: adding UDP interface lo 127.0.0.1:500
pluto[30425]: adding UDP interface lo 127.0.0.1:4500
pluto[30425]: forgetting secrets
pluto[30425]: loading secrets from "/etc/ipsec.secrets"
pluto[30425]: no secrets filename matched "/etc/ipsec.d/*.secrets"
pluto[30425]: EXPECTATION FAILED: peer_client->ipproto == transport_proto->ipproto (bare_shunt_ptr() +1395 /programs/pluto/kernel.c)
pluto[30425]: EXPECTATION FAILED: src_client_proto == dst_client_proto (raw_policy() +126 /programs/pluto/kernel_ops.c)
pluto[30425]: EXPECTATION FAILED: selector_protocol(*dst_client) == client_proto (xfrm_raw_policy() +536 /programs/pluto/kernel_xfrm.c)
pluto[30425]: EXPECTATION FAILED: src_client_proto == dst_client_proto (raw_policy() +126 /programs/pluto/kernel_ops.c)
pluto[30425]: EXPECTATION FAILED: selector_protocol(*dst_client) == client_proto (xfrm_raw_policy() +536 /programs/pluto/kernel_xfrm.c)
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: proposal 1:IKE=AES_GCM_C_256-HMAC_SHA2_512-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519[first-match] 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: sent IKE_SA_INIT reply {cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048}
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: processing decrypted IKE_AUTH request: SK{IDi,CERT,CERTREQ,AUTH,SA,TSi,TSr}
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: reloaded private key matching left certificate 'server'
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: responder established IKE SA; authenticated peer '8192-bit RSASSA-PSS with SHA2_512' digital signature using peer certificate 'C=GR, O=MyOrg, CN=remotehost1.privlan' issued by CA 'CN=MyOrg CA'
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_PARENT_R1
pluto[30425]: "remotesite"[1] 203.0.113.55 #2: proposal 1:ESP=AES_GCM_C_256-DISABLED SPI=7522bc14 chosen from remote proposals 1:ESP:ENCR=AES_GCM_C_256;ESN=DISABLED[first-match] 2:ESP:ENCR=AES_GCM_C_128;ESN=DISABLED 3:ESP:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;ESN=DISABLED 4:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;ESN=DISABLED
pluto[30425]: "remotesite"[1] 203.0.113.55 #2: responder established Child SA using #1; IPsec tunnel [192.168.1.253-192.168.1.253:0-65535 0] -> [203.0.113.55-203.0.113.55:0-65535 0] {ESPinUDP=>0x7522bc14 <0x80c5c828 xfrm=AES_GCM_16_256-NONE NATD=203.0.113.55:4500 DPD=passive}
systemd[1]: Stopping ipsec.service - Internet Key Exchange (IKE) Protocol Daemon for IPsec...
whack[30482]: 002 shutting down
pluto[30425]: shutting down
pluto[30425]: Pluto is shutting down
pluto[30425]: "remotesite"[1] 203.0.113.55: deleting connection instance with peer 203.0.113.55 {isakmp=#1/ipsec=#2}
pluto[30425]: "remotesite"[1] 203.0.113.55 #1: deleting state (STATE_V2_ESTABLISHED_IKE_SA) aged 194.807992s and sending notification
pluto[30425]: "remotesite"[1] 203.0.113.55 #2: ESP traffic information: in=0B out=0B
pluto[30425]: EXPECTATION FAILED: src_client_proto == dst_client_proto (raw_policy() +126 /programs/pluto/kernel_ops.c)
pluto[30425]: EXPECTATION FAILED: selector_protocol(*dst_client) == client_proto (xfrm_raw_policy() +536 /programs/pluto/kernel_xfrm.c)
pluto[30425]: EXPECTATION FAILED: src_client_proto == dst_client_proto (raw_policy() +126 /programs/pluto/kernel_ops.c)
pluto[30425]: EXPECTATION FAILED: selector_protocol(*dst_client) == client_proto (xfrm_raw_policy() +536 /programs/pluto/kernel_xfrm.c)
pluto[30425]: "remotesite-ssh": kernel: xfrm XFRM_MSG_DELPOLICY for flow %discard(discard) (in) encountered unexpected policy
pluto[30425]: "privlan-ssh": kernel: xfrm XFRM_MSG_DELPOLICY for flow %discard(discard) (in) encountered unexpected policy
pluto[30425]: forgetting secrets
pluto[30425]: shutting down interface lo 127.0.0.1:4500
pluto[30425]: shutting down interface lo 127.0.0.1:500
pluto[30425]: shutting down interface eth2 192.168.1.253:4500
pluto[30425]: shutting down interface eth2 192.168.1.253:500
pluto[30425]: leak detective found no leaks

To me, it seems that the connection is 'almost' established on the server 
side. Furthermore, an 'ipsec whack' on the server says

000 Total IPsec connections: loaded 4, active 1
000  
000 State Information: DDoS cookies not required, Accepting new IKE connections
000 IKE SAs: total(1), half-open(0), open(0), authenticated(1), anonymous(0)
000 IPsec SAs: total(1), authenticated(1), anonymous(0)

However, the client/initiator end seems not to have changed much since the 
previous attempt:

systemd[1]: Starting ipsec.service - Internet Key Exchange (IKE) Protocol Daemon for IPsec...
< ... >
pluto[11791]: watchdog: sending probes every 100 secs
pluto[11791]: seccomp security for helper not supported
pluto[11791]: seccomp security not supported
pluto[11791]: "headq": loaded private key matching left certificate 'remotehost1'
pluto[11791]: "headq": added IKEv2 connection
pluto[11791]: "headq-ssh-pass": added passthrough connection
pluto[11791]: listening for IKE messages
pluto[11791]: Kernel supports NIC esp-hw-offload
pluto[11791]: adding UDP interface enp2s0 10.0.1.138:500
pluto[11791]: adding UDP interface enp2s0 10.0.1.138:4500
pluto[11791]: adding UDP interface lo 127.0.0.1:500
pluto[11791]: adding UDP interface lo 127.0.0.1:4500
pluto[11791]: forgetting secrets
pluto[11791]: loading secrets from "/etc/ipsec.secrets"
pluto[11791]: no secrets filename matched "/etc/ipsec.d/*.secrets"
pluto[11791]: "headq"[1] 198.51.100.33: instantiated connection
pluto[11791]: "headq"[1] 198.51.100.33 #1: initiating IKEv2 connection
pluto[11791]: "headq"[1] 198.51.100.33: local IKE proposals (IKE SA initiator selecting KE):
pluto[11791]: "headq"[1] 198.51.100.33:   1:IKE=AES_GCM_C_256-HMAC_SHA2_512+HMAC_SHA2_256-NONE-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[11791]: "headq"[1] 198.51.100.33:   2:IKE=AES_GCM_C_128-HMAC_SHA2_512+HMAC_SHA2_256-NONE-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[11791]: "headq"[1] 198.51.100.33:   3:IKE=AES_CBC_256-HMAC_SHA2_512+HMAC_SHA2_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[11791]: "headq"[1] 198.51.100.33:   4:IKE=AES_CBC_128-HMAC_SHA2_512+HMAC_SHA2_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
pluto[11791]: "headq"[1] 198.51.100.33 #1: sent IKE_SA_INIT request
pluto[11791]: "headq"[1] 198.51.100.33 #1: reloaded private key matching left certificate 'remotehost1'
pluto[11791]: "headq"[1] 198.51.100.33: local ESP/AH proposals (IKE SA initiator emitting ESP/AH proposals):
pluto[11791]: "headq"[1] 198.51.100.33:   1:ESP=AES_GCM_C_256-NONE-NONE-DISABLED
pluto[11791]: "headq"[1] 198.51.100.33:   2:ESP=AES_GCM_C_128-NONE-NONE-DISABLED
pluto[11791]: "headq"[1] 198.51.100.33:   3:ESP=AES_CBC_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-NONE-DISABLED
pluto[11791]: "headq"[1] 198.51.100.33:   4:ESP=AES_CBC_128-HMAC_SHA2_512_256+HMAC_SHA2_256_128-NONE-DISABLED
pluto[11791]: "headq"[1] 198.51.100.33 #1: sent IKE_AUTH request {auth=IKEv2 cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048}
pluto[11791]: "headq"[1] 198.51.100.33 #2: STATE_PARENT_I2: retransmission; will wait 0.5 seconds for response
pluto[11791]: "headq"[1] 198.51.100.33 #2: STATE_PARENT_I2: retransmission; will wait 1 seconds for response
pluto[11791]: "headq"[1] 198.51.100.33 #2: STATE_PARENT_I2: retransmission; will wait 2 seconds for response
pluto[11791]: loading root certificate cache
pluto[11791]: "headq"[1] 198.51.100.33 #1: certificate verified OK: CN=server.privlan,O=MyOrg,C=GR
pluto[11791]: "headq"[1] 198.51.100.33 #1: IKEv2 mode peer ID is ID_DER_ASN1_DN: 'C=GR, O=MyOrg, CN=server.privlan'
pluto[11791]: "headq"[1] 198.51.100.33 #1: authenticated using RSA with SHA2_512
pluto[11791]: "headq"[1] 198.51.100.33 #2: state transition 'Initiator: process IKE_AUTH response' failed with v2N_TS_UNACCEPTABLE
pluto[11791]: "headq"[1] 198.51.100.33 #2: deleting state (STATE_PARENT_I2) aged 62.595405s and NOT sending notification
pluto[11791]: "headq"[1] 198.51.100.33 #1: deleting state (STATE_V2_ESTABLISHED_IKE_SA) aged 194.990727s and NOT sending notification
pluto[11791]: "headq"[1] 198.51.100.33 #1: deleting IKE SA but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS
pluto[11791]: "headq"[1] 198.51.100.33: initiating connection 'headq' with serial $3 which received a Delete/Notify but must remain up per local policy
pluto[11791]: "headq"[1] 198.51.100.33 #3: initiating IKEv2 connection
pluto[11791]: "headq"[1] 198.51.100.33 #3: sent IKE_SA_INIT request
pluto[11791]: "headq"[1] 198.51.100.33 #3: STATE_PARENT_I1: retransmission; will wait 0.5 seconds for response
pluto[11791]: "headq"[1] 198.51.100.33 #3: STATE_PARENT_I1: retransmission; will wait 1 seconds for response
pluto[11791]: "headq"[1] 198.51.100.33 #3: STATE_PARENT_I1: retransmission; will wait 2 seconds for response
pluto[11791]: "headq"[1] 198.51.100.33 #3: STATE_PARENT_I1: retransmission; will wait 4 seconds for response
systemd[1]: Stopping ipsec.service - Internet Key Exchange (IKE) Protocol Daemon for IPsec...
pluto[11791]: "headq"[1] 198.51.100.33 #3: STATE_PARENT_I1: retransmission; will wait 8 seconds for response
whack[11824]: 002 shutting down
pluto[11791]: shutting down
pluto[11791]: "headq"[1] 198.51.100.33: deleting connection instance with peer 198.51.100.33 {isakmp=#0/ipsec=#0}
pluto[11791]: "headq"[1] 198.51.100.33 #3: deleting state (STATE_PARENT_I1) aged 8.122202s and NOT sending notification
pluto[11791]: destroying root certificate cache
pluto[11791]: forgetting secrets
pluto[11791]: shutting down interface lo 127.0.0.1:4500
pluto[11791]: shutting down interface lo 127.0.0.1:500
pluto[11791]: shutting down interface enp2s0 10.0.1.138:4500
pluto[11791]: shutting down interface enp2s0 10.0.1.138:500
pluto[11791]: leak detective found no leaks

What I read from the above is that the initiator is somehow not happy with 
the traffic selectors (IPs/subnets) stated by the server/responder. But it 
doesn't tell (or I don't get) what exactly it doesn't like, and therefore 
which knob to tweak.

Does anyone else see what is (still) wrong here?

Many thanks,

Phil
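The `v2N_TS_UNACCEPTABLE` notify in the initiator log and the `narrowing=yes` knob both come down to IKEv2 traffic-selector (TS) negotiation (RFC 7296, section 2.9): the responder may either accept the initiator's TSi/TSr exactly or, when narrowing is allowed, pick a non-empty subset of them; if no such subset exists it sends TS_UNACCEPTABLE. The following is an added example, not code from the post or from Libreswan: it models that selection rule for single-range IPv4 selectors and parses the `IPsec tunnel [..] -> [..]` pair that pluto prints when a Child SA is installed, so the responder's chosen selectors can be compared with the initiator's expectations. The `TrafficSelector`, `narrow` and `parse_pluto_tunnel` names and the simplified one-range-per-TS model are my own assumptions.

```python
"""
Added example: a minimal model of IKEv2 traffic-selector narrowing
(RFC 7296 section 2.9) plus a parser for pluto's
"IPsec tunnel [a-b:lo-hi proto] -> [c-d:lo-hi proto]" log fragment.
Not Libreswan code; assumes one address/port range per selector, IPv4 only.
"""
import ipaddress
import re
from dataclasses import dataclass

# Constructed from the responder log line quoted in the post above.
RESPONDER_LINE = (
    'pluto[30425]: "remotesite"[1] 203.0.113.55 #2: responder established Child SA '
    'using #1; IPsec tunnel [192.168.1.253-192.168.1.253:0-65535 0] -> '
    '[203.0.113.55-203.0.113.55:0-65535 0] {ESPinUDP=>0x7522bc14 <0x80c5c828 '
    'xfrm=AES_GCM_16_256-NONE NATD=203.0.113.55:4500 DPD=passive}'
)


@dataclass(frozen=True)
class TrafficSelector:
    """One IKEv2 TS: an address range, a port range and an IP protocol (0 = any)."""
    lo_addr: ipaddress.IPv4Address
    hi_addr: ipaddress.IPv4Address
    lo_port: int
    hi_port: int
    proto: int

    def intersect(self, other):
        """Overlap of two selectors, or None when they do not overlap."""
        # A concrete protocol only overlaps with the same protocol or with "any".
        if self.proto and other.proto and self.proto != other.proto:
            return None
        lo_a, hi_a = max(self.lo_addr, other.lo_addr), min(self.hi_addr, other.hi_addr)
        lo_p, hi_p = max(self.lo_port, other.lo_port), min(self.hi_port, other.hi_port)
        if lo_a > hi_a or lo_p > hi_p:
            return None
        return TrafficSelector(lo_a, hi_a, lo_p, hi_p, self.proto or other.proto)


def ts_from_subnet(cidr, proto=0, lo_port=0, hi_port=65535):
    """Build a selector covering a whole subnet (what a leftsubnet= line expands to)."""
    net = ipaddress.ip_network(cidr, strict=False)
    return TrafficSelector(net[0], net[-1], lo_port, hi_port, proto)


# One bracketed selector as pluto prints it: [a-b:lo-hi proto]
_SEL = r"\[([\d.]+)-([\d.]+):(\d+)-(\d+) (\d+)\]"
_TUNNEL = re.compile(r"IPsec tunnel " + _SEL + r" -> " + _SEL)


def _ts_from_fields(fields):
    return TrafficSelector(ipaddress.ip_address(fields[0]), ipaddress.ip_address(fields[1]),
                           int(fields[2]), int(fields[3]), int(fields[4]))


def parse_pluto_tunnel(line):
    """Return (local, remote) selectors from a pluto 'IPsec tunnel' log line."""
    m = _TUNNEL.search(line)
    if not m:
        raise ValueError("no 'IPsec tunnel' selectors in line")
    g = m.groups()
    return _ts_from_fields(g[0:5]), _ts_from_fields(g[5:10])


def narrow(initiator_ts, responder_policy, narrowing):
    """
    Responder-side TS selection for one direction.
    narrowing=True  -> choose the intersection (narrowing=yes behaviour);
    narrowing=False -> the proposed TS must match the local policy exactly.
    Returns the chosen TrafficSelector or the string "TS_UNACCEPTABLE".
    """
    if narrowing:
        chosen = initiator_ts.intersect(responder_policy)
        return chosen if chosen is not None else "TS_UNACCEPTABLE"
    return initiator_ts if initiator_ts == responder_policy else "TS_UNACCEPTABLE"


if __name__ == "__main__":
    local, remote = parse_pluto_tunnel(RESPONDER_LINE)
    print("responder installed:", local, "->", remote)
    proposed = ts_from_subnet("192.168.1.0/24")
    policy = ts_from_subnet("192.168.1.0/25")
    print("narrowing=yes :", narrow(proposed, policy, narrowing=True))
    print("narrowing=no  :", narrow(proposed, policy, narrowing=False))
    print("disjoint      :", narrow(proposed, ts_from_subnet("10.0.1.0/24"), narrowing=True))
```

Running the script on the quoted responder line shows the installed pair is a host-to-host selector on both sides with protocol 0 (any); `narrow` then illustrates the three outcomes a responder can reach: a narrowed subset when `narrowing=yes` and the ranges overlap, TS_UNACCEPTABLE when narrowing is off and the proposal is not an exact match, and TS_UNACCEPTABLE regardless of narrowing when the ranges are disjoint.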
