On 10/16/19 at 08:31P, Stuart Henderson wrote:
> On 2019-10-07, Tristan Pilat <tris...@pilat.me> wrote:
> > I'm trying to set up a IKEv2 VPN using X.509 Certificate Authentication with
> > iked(8). In the Virtual Private Networks (VPN) section of the FAQ there no
> > section about setting up this with an OpenBSD client. Is there anybody here
> > who's done that before?
>
> Hoping someone will tell me that I'm wrong, but iked's client-side support is
> not very flexible and I don't think it supports this - it definitely doesn't
> support username/password auth as a client.
Does X.509 Certificate Authentication necessarily include the use of an
username/password auth mechanism?
> strongswan is in packages if that helps..
I'll use strongswan as a last resort but I'd really like to sort
this out and use iked instead.
I've actually gotten somewhere since I wrote this call for help.
So here's what I did. I put the last two blocks of my example.pem file in a
/etc/iked/ca/example.crt file and copied example.pem to
/etc/iked/certs/example.crt
And after some research I ended up with this configuration file :
# cat /etc/iked.conf
local_ip="198.51.100.1"
local_network="192.0.2.0/24 "
remote_ip="198.51.100.2"
remote_network="203.0.113.0/24"
ikev2 'example' active esp \
from $local_network to $remote_network \
local $local_ip peer $remote_ip \
ikesa auth hmac-sha1 enc aes-256 prf hmac-sha1 group modp1536 \
childsa auth hmac-sha1 enc aes-256 group modp1536 \
srcid "/C=FR/O=XXX/OU=0002 479766842/OU=XXXXX/CN=XXXXXXX" \
dstid "/C=FR/O=XXX/OU=0002 479766842/OU=XXXXX/CN=YYYYYYY" \
ikelifetime 86400 lifetime 28800
But I'm still stuck here with an "ikev2_pld_notify: AUTHENTICATION_FAILED,
closing SA"
Here's the full iked output:
# iked -dvvT
local_ip = "198.51.100.1"
local_network = "192.0.2.0/24"
remote_ip = "198.51.100.2"
remote_network = "203.0.113.0/24"
set_policy_auth_method: using rfc7427 for peer
ikev2 "XXX" active esp inet from 192.0.2.0/24 to 203.0.113.0/24 local
198.51.100.1 peer 198.51.100.2 ikesa enc aes-256 prf hmac-sha1 auth hmac-sha1
group modp1536 childsa enc aes-256 auth hmac-sha1 group modp1536 srcid
/C=FR/O=XXX/OU=0002 479766842/OU=XXXXX/CN=XXXXXXX dstid /C=FR/O=XXX/OU=0002
479766842/OU=XXXXX/CN=YYYYYYY ikelifetime 86400 lifetime 28800 bytes 536870912
rfc7427
/etc/iked.conf: loaded 1 configuration rules
ca_privkey_serialize: type RSA_KEY length 1191
ca_pubkey_serialize: type RSA_KEY length 270
ca_privkey_to_method: type RSA_KEY method RSA_SIG
ca_getkey: received private key type RSA_KEY length 1191
ca_getkey: received public key type RSA_KEY length 270
ca_dispatch_parent: config reset
ca_reload: loaded ca file example.crt
ca_reload: /C=FR/O=XXX/OU=0002 120061023/CN=XXXXX
ca_reload: /CN=XXX-ROOT/OU=0002 120061023/O=XXXX/C=FR
ca_reload: loaded 2 ca certificates
ca_reload: loaded cert file example.crt
ca_validate_cert: /C=FR/O=XXX/OU=0002 120061023/CN=AC XXX 2018 ok
ca_validate_cert: /C=FR/O=XXX/OU=0002 479766842/OU=XXXXX/CN=XXXXXXX ok
ca_validate_cert: /CN=XXX-ROOT/OU=0002 120061023/O=XXXX/C=FR ok
ca_reload: local cert type X509_CERT
config_getocsp: ocsp_url none
ikev2_dispatch_cert: updated local CERTREQ type X509_CERT length 40
ikev2_dispatch_cert: updated local CERTREQ type X509_CERT length 40
config_getpolicy: received policy
config_getpfkey: received pfkey fd 3
config_getcompile: compilation done
config_getsocket: received socket fd 4
config_getsocket: received socket fd 5
config_getmobike: mobike
ikev2_init_ike_sa: initiating "XXX"
ca_x509_name_parse: setting 'C' to 'FR'
ca_x509_name_parse: setting 'O' to 'XXX'
ca_x509_name_parse: setting 'OU' to '0002 479766842'
ca_x509_name_parse: setting 'OU' to 'XXXXX'
ca_x509_name_parse: setting 'CN' to 'XXXXXXX'
ikev2_policy2id: srcid ASN1_DN//C=FR/O=XXX/OU=0002
479766842/OU=XXXXX/CN=XXXXXXX length 109
ikev2_add_proposals: length 44
ikev2_next_payload: length 48 nextpayload KE
ikev2_next_payload: length 200 nextpayload NONCE
ikev2_next_payload: length 36 nextpayload NOTIFY
ikev2_next_payload: length 14 nextpayload NONE
ikev2_pld_parse: header ispi 0x30eecb84950d6a8a rspi 0x0000000000000000
nextpayload SA version 0x20 exchange IKE_SA_INIT flags 0x08 msgid 0 length 326
response 0
ikev2_pld_payloads: payload SA nextpayload KE critical 0x00 length 48
ikev2_pld_sa: more 0 reserved 0 length 44 proposal #1 protoid IKE spisize 0
xforms 4 spi 0
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA1_96
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_1536
ikev2_pld_xform: more 0 reserved 0 length 8 type PRF id HMAC_SHA1
ikev2_pld_payloads: payload KE nextpayload NONCE critical 0x00 length 200
ikev2_pld_ke: dh group MODP_1536 reserved 0
ikev2_pld_payloads: payload NONCE nextpayload NOTIFY critical 0x00 length 36
ikev2_pld_payloads: payload NOTIFY nextpayload NONE critical 0x00 length 14
ikev2_pld_notify: protoid NONE spisize 0 type SIGNATURE_HASH_ALGORITHMS
ikev2_msg_send: IKE_SA_INIT request from 198.51.100.1:500 to 198.51.100.2:500
msgid 0, 326 bytes
sa_state: INIT -> SA_INIT
ikev2_recv: IKE_SA_INIT response from responder 198.51.100.2:500 to
198.51.100.1:500 policy 'XXX' id 0, 519 bytes
ikev2_recv: ispi 0x30eecb84950d6a8a rspi 0x302e973608d00937
ikev2_recv: updated SA to peer 198.51.100.2:500 local 198.51.100.1:500
ikev2_pld_parse: header ispi 0x30eecb84950d6a8a rspi 0x302e973608d00937
nextpayload SA version 0x20 exchange IKE_SA_INIT flags 0x20 msgid 0 length 519
response 1
ikev2_pld_payloads: payload SA nextpayload KE critical 0x00 length 48
ikev2_pld_sa: more 0 reserved 0 length 44 proposal #1 protoid IKE spisize 0
xforms 4 spi 0
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA1
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA1_96
ikev2_pld_xform: more 0 reserved 0 length 8 type DH id MODP_1536
ikev2_pld_payloads: payload KE nextpayload NONCE critical 0x00 length 200
ikev2_pld_ke: dh group MODP_1536 reserved 0
ikev2_pld_payloads: payload NONCE nextpayload VENDOR critical 0x00 length 68
ikev2_pld_payloads: payload VENDOR nextpayload VENDOR critical 0x00 length 23
ikev2_pld_payloads: payload VENDOR nextpayload CERTREQ critical 0x00 length 59
ikev2_pld_payloads: payload CERTREQ nextpayload NOTIFY critical 0x00 length 65
ikev2_pld_certreq: type X509_CERT length 60
ca_x509_name_parse: setting 'C' to 'FR'
ca_x509_name_parse: setting 'O' to 'XXX'
ca_x509_name_parse: setting 'OU' to '0002 479766842'
ca_x509_name_parse: setting 'OU' to 'XXXXX'
ca_x509_name_parse: setting 'CN' to 'XXXXXXX'
ikev2_policy2id: srcid ASN1_DN//C=FR/O=XXX/OU=0002
479766842/OU=XXXXX/CN=XXXXXXX length 109
sa_stateflags: 0x0000 -> 0x0004 certreq (required 0x0009 cert,auth)
ikev2_pld_payloads: payload NOTIFY nextpayload VENDOR critical 0x00 length 8
ikev2_pld_notify: protoid NONE spisize 0 type FRAGMENTATION_SUPPORTED
ikev2_pld_payloads: payload VENDOR nextpayload NONE critical 0x00 length 20
ikev2_sa_negotiate: score 4
sa_stateok: SA_INIT flags 0x0000, require 0x0009 cert,auth
ikev2_sa_keys: DHSECRET with 192 bytes
ikev2_sa_keys: SKEYSEED with 20 bytes
ikev2_sa_keys: S with 112 bytes
ikev2_prfplus: T1 with 20 bytes
ikev2_prfplus: T2 with 20 bytes
ikev2_prfplus: T3 with 20 bytes
ikev2_prfplus: T4 with 20 bytes
ikev2_prfplus: T5 with 20 bytes
ikev2_prfplus: T6 with 20 bytes
ikev2_prfplus: T7 with 20 bytes
ikev2_prfplus: T8 with 20 bytes
ikev2_prfplus: T9 with 20 bytes
ikev2_prfplus: Tn with 180 bytes
ikev2_sa_keys: SK_d with 20 bytes
ikev2_sa_keys: SK_ai with 20 bytes
ikev2_sa_keys: SK_ar with 20 bytes
ikev2_sa_keys: SK_ei with 32 bytes
ikev2_sa_keys: SK_er with 32 bytes
ikev2_sa_keys: SK_pi with 20 bytes
ikev2_sa_keys: SK_pr with 20 bytes
ikev2_msg_auth: initiator auth data length 410
ca_setauth: using SIG (RFC7427)
ca_setauth: using SIG (RFC7427)
ca_setauth: auth length 410
sa_stateok: SA_INIT flags 0x0000, require 0x0009 cert,auth
config_free_proposals: free 0x1b31b30fb80
ca_getreq: found CA /C=FR/O=XXX/OU=0002 120061023/CN=XXXXX
ca_getreq: found local certificate /C=FR/O=XXX/OU=0002
479766842/OU=XXXXX/CN=XXXXXXX
ca_setauth: auth length 272
ikev2_getimsgdata: imsg 20 rspi 0x302e973608d00937 ispi 0x30eecb84950d6a8a
initiator 1 sa valid type 4 data length 1401
ikev2_dispatch_cert: cert type X509_CERT length 1401, ok
sa_stateflags: 0x0004 -> 0x0005 cert,certreq (required 0x0009 cert,auth)
sa_stateok: SA_INIT flags 0x0001, require 0x0009 cert,auth
ikev2_getimsgdata: imsg 25 rspi 0x302e973608d00937 ispi 0x30eecb84950d6a8a
initiator 1 sa valid type 14 data length 272
ikev2_dispatch_cert: AUTH type 14 len 272
sa_stateflags: 0x0005 -> 0x000d cert,certreq,auth (required 0x0009 cert,auth)
sa_stateok: SA_INIT flags 0x0009, require 0x0009 cert,auth
ikev2_next_payload: length 113 nextpayload CERT
ikev2_next_payload: length 1406 nextpayload CERTREQ
ikev2_add_certreq: type X509_CERT length 41
ikev2_next_payload: length 45 nextpayload AUTH
ikev2_next_payload: length 280 nextpayload SA
pfkey_sa_getspi: spi 0x2be3b39f
pfkey_sa_init: new spi 0x2be3b39f
ikev2_add_proposals: length 48
ikev2_next_payload: length 52 nextpayload TSi
ikev2_next_payload: length 24 nextpayload TSr
ikev2_next_payload: length 24 nextpayload NONE
ikev2_msg_encrypt: decrypted length 1944
ikev2_msg_encrypt: padded length 1952
ikev2_msg_encrypt: length 1945, padding 7, output length 1980
ikev2_next_payload: length 1984 nextpayload IDi
ikev2_msg_integr: message length 2012
ikev2_msg_integr: integrity checksum length 12
ikev2_pld_parse: header ispi 0x30eecb84950d6a8a rspi 0x302e973608d00937
nextpayload SK version 0x20 exchange IKE_AUTH flags 0x08 msgid 1 length 2012
response 0
ikev2_pld_payloads: payload SK nextpayload IDi critical 0x00 length 1984
ikev2_msg_decrypt: IV length 16
ikev2_msg_decrypt: encrypted payload length 1952
ikev2_msg_decrypt: integrity checksum length 12
ikev2_msg_decrypt: integrity check succeeded
ikev2_msg_decrypt: decrypted payload length 1952/1952 padding 7
ikev2_pld_payloads: decrypted payload IDi nextpayload CERT critical 0x00 length
113
ikev2_pld_id: id ASN1_DN//C=FR/O=XXX/OU=0002 479766842/OU=XXXXX/CN=XXXXXXX
length 109
ikev2_pld_payloads: decrypted payload CERT nextpayload CERTREQ critical 0x00
length 1406
ikev2_pld_cert: type X509_CERT length 1401
ikev2_pld_payloads: decrypted payload CERTREQ nextpayload AUTH critical 0x00
length 45
ikev2_pld_certreq: type X509_CERT length 40
ikev2_pld_payloads: decrypted payload AUTH nextpayload SA critical 0x00 length
280
ikev2_pld_auth: method SIG length 272
ikev2_pld_payloads: decrypted payload SA nextpayload TSi critical 0x00 length 52
ikev2_pld_sa: more 0 reserved 0 length 48 proposal #1 protoid ESP spisize 4
xforms 4 spi 0x2be3b39f
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA1_96
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type ESN id ESN
ikev2_pld_xform: more 0 reserved 0 length 8 type ESN id NONE
ikev2_pld_payloads: decrypted payload TSi nextpayload TSr critical 0x00 length
24
ikev2_pld_ts: count 1 length 16
ikev2_pld_ts: type IPV4_ADDR_RANGE protoid 0 length 16 startport 0 endport 65535
ikev2_pld_ts: start 192.0.2.0 end 192.0.2.255
ikev2_pld_payloads: decrypted payload TSr nextpayload NONE critical 0x00 length
24
ikev2_pld_ts: count 1 length 16
ikev2_pld_ts: type IPV4_ADDR_RANGE protoid 0 length 16 startport 0 endport 65535
ikev2_pld_ts: start 203.0.113.0 end 203.0.113.255
ikev2_msg_send: IKE_AUTH request from 198.51.100.1:500 to 198.51.100.2:500
msgid 1, 2012 bytes
ikev2_recv: IKE_AUTH response from responder 198.51.100.2:500 to
198.51.100.1:500 policy 'example' id 1, 76 bytes
ikev2_recv: ispi 0x30eecb84950d6a8a rspi 0x302e973608d00937
ikev2_recv: updated SA to peer 198.51.100.2:500 local 198.51.100.1:500
ikev2_pld_parse: header ispi 0x30eecb84950d6a8a rspi 0x302e973608d00937
nextpayload SK version 0x20 exchange IKE_AUTH flags 0x20 msgid 1 length 76
response 1
ikev2_pld_payloads: payload SK nextpayload NOTIFY critical 0x00 length 48
ikev2_msg_decrypt: IV length 16
ikev2_msg_decrypt: encrypted payload length 16
ikev2_msg_decrypt: integrity checksum length 12
ikev2_msg_decrypt: integrity check succeeded
ikev2_msg_decrypt: decrypted payload length 16/16 padding 7
ikev2_pld_payloads: decrypted payload NOTIFY nextpayload NONE critical 0x00
length 8
ikev2_pld_notify: protoid IKE spisize 0 type AUTHENTICATION_FAILED
ikev2_pld_notify: AUTHENTICATION_FAILED, closing SA
sa_state: SA_INIT -> CLOSED from 198.51.100.2:500 to 198.51.100.1:500 policy
'example'
sa_stateok: VALID flags 0x0000, require 0x0032 certvalid,authvalid,sa
ikev2_recv: closing SA
sa_free: ispi 0x30eecb84950d6a8a rspi 0x302e973608d00937
config_free_proposals: free 0x1b34255b780
On the other peer, the guy notices the following lines in his device logs :
Oct 11 16:13:02 xxxxx.example.net local4.notice Local:198.51.100.2:500
Remote:198.51.100.1:1011 Username:Unknown IKEv2 Received a IKE_INIT_SA request
Oct 11 16:13:02 xxxxx.example.net local4.warning Local:198.51.100.2:500
Remote:198.51.100.1:1011 Username:198.51.100.1 IKEv2 Negotiation aborted due to
ERROR: Peer authentication method configured is mismatching with the method
proposed by peer
Oct 11 16:16:02 xxxxx.example.net local4.notice Local:198.51.100.2:500
Remote:198.51.100.1:1011 Username:Unknown IKEv2 Received a IKE_INIT_SA request
Oct 11 16:16:32 xxxxx.example.net local4.warning Local:198.51.100.2:500
Remote:198.51.100.1:1011 Username:Unknown IKEv2 Negotiation aborted due to
ERROR: Failed to receive the AUTH msg before the timer expired
Do you guys have any idea?
Thanks,
--
Tristan
