Hello,

I have several OpenBSD 7.2 hosts connected to a commercial VPN router (LANCOM 1781EW+) using iked. It works, except that every time the Child SA negotiation starts, iked answers NO_PROPOSAL_CHOSEN to the router, which leads to closed connections and a new IKE SA negotiation.
I don't understand this because the proposal looks supported to me.

# cat /etc/iked.conf
set dpd_check_interval 30

ikev2 "rathaus" active \
        from 192.168.0.0/24 to any \
        from dynamic to 192.168.0.0/24 \
        from dynamic to 192.168.11.55/32 \
        local 192.168.1.210 peer 88.14.XXX.YYY \
        srcid "/C=DE/ST=.../CN=o2.example.com" \
        dstid "/C=DE/ST=.../CN=vpn.example.com" \
        request address any \
        iface lo1


# iked -d
ikev2_init_ike_sa: initiating "rathaus"
spi=0xd2135463734ddcce: send IKE_SA_INIT req 0 peer 88.14.XXX.YYY:500 local 192.168.1.210:500, 518 bytes spi=0xd2135463734ddcce: recv IKE_SA_INIT res 0 peer 88.14.XXX.YYY:500 local 192.168.1.210:500, 38 bytes, policy 'rathaus'
spi=0xd2135463734ddcce: sa_free: reinitiating with new DH group
ikev2_init_ike_sa: initiating "rathaus"
spi=0x0a131729beeb819a: send IKE_SA_INIT req 0 peer 88.14.XXX.YYY:500 local 192.168.1.210:500, 742 bytes spi=0x0a131729beeb819a: recv IKE_SA_INIT res 0 peer 88.14.XXX.YYY:500 local 192.168.1.210:500, 487 bytes, policy 'rathaus' spi=0x0a131729beeb819a: send IKE_AUTH req 1 peer 88.14.XXX.YYY:4500 local 192.168.1.210:4500, 3144 bytes, NAT-T spi=0x0a131729beeb819a: recv IKE_AUTH res 1 peer 88.14.XXX.YYY:4500 local 192.168.1.210:4500, 2885 bytes, policy 'rathaus'
spi=0x0a131729beeb819a: ikev2_ike_auth_recv: obtained lease: 192.168.0.206
spi=0x0a131729beeb819a: ikev2_ike_auth_recv: obtained DNS: 192.168.1.254
spi=0x0a131729beeb819a: ikev2_childsa_enable: loaded SPIs: 0xc9b95a8c, 0xd6296d4a (enc aes-256-gcm) spi=0x0a131729beeb819a: ikev2_childsa_enable: loaded flows: ESP-192.168.0.0/24=0.0.0.0/0(0), ESP-192.168.0.206/32=192.168.0.0/24(0), ESP-192.168.0.206/32=192.168.11.55/32(0) spi=0x0a131729beeb819a: established peer 88.14.XXX.YYY:4500[ASN1_DN//C=DE/ST=.../CN=vpn.example.com] local 192.168.1.210:4500[ASN1_DN//C=DE/ST=.../CN=o2.example.com] policy 'rathaus' as initiator (enc aes-256-gcm group modp2048 prf hmac-sha2-256)


The VPN-Router eventually does this:

[VPN-Status] 2023/02/23 21:12:41,019  Devicetime: 2023/02/23 21:12:45,358
Soft lifetime event occurred for 'IPSEC-0-O2-PR0-L0-R0' (responder 70/28800 sec  flags 0x0000000100000000)
  CHILD_SA ESP IPSEC_ESP Outbound-SPI 0x31B16169 Inbound-SPI 0x8F1A3175
Establishing CREATE_CHILD_SA exchange for IPSEC-0-O2-PR0-L0-R0 (O2)
CHILD_SA ('', '' ) entered to SADB
Peer O2: Constructing an CREATE_CHILD_SA-REQUEST for send
Soft-Event occurred for peer IPSEC-0-O2-PR0-L0-R0 (Responder, flags 0x00002001)
Starting a CHILD_SA rekeying for CHILD_SA:
Rekeyed SA:
  ESP outgoing [0x31B16169], incoming [0x8F1A3175]
+CHILD-SA:
  ESP-Proposal-1 My-SPI: 0xE9D1F2BD (5 transforms)
    ENCR : AES-GCM-16-256 AES-CBC-256
    INTEG: HMAC-SHA-256 HMAC-SHA1
    ESN  : NONE
+Rekeying TSi 0: (  0,     0-65535,         0.0.0.0-255.255.255.255)
+Rekeying TSr 0: (  0,     0-65535,   192.168.0.206-192.168.0.206  )
Message scheduled for retransmission (1) in 8.773356 seconds
Sending an CREATE_CHILD_SA-REQUEST of 217 bytes (responder encrypted)
Gateways: 88.14.XXX.YYY:4500-->84.17.XXX.ZZZ:4500, tag 0 (UDP)
SPIs: 0x6ECF7D9294CBC2A7FE91F645321E6EEE, Message-ID 0

Which iked responds to with:

spi=0x0a131729beeb819a: recv CREATE_CHILD_SA req 0 peer 88.14.XXX.YYY:4500 local 192.168.1.210:4500, 217 bytes, policy 'rathaus'
ikev2_resp_create_child_sa: no proposal chosen
spi=0x0a131729beeb819a: ikev2_log_proposal: ESP #1 ENCR=AES_GCM_16-256
spi=0x0a131729beeb819a: ikev2_log_proposal: ESP #1 ENCR=AES_CBC-256
spi=0x0a131729beeb819a: ikev2_log_proposal: ESP #1 INTEGR=HMAC_SHA2_256_128
spi=0x0a131729beeb819a: ikev2_log_proposal: ESP #1 INTEGR=HMAC_SHA1_96
spi=0x0a131729beeb819a: ikev2_log_proposal: ESP #1 ESN=NONE
spi=0x0a131729beeb819a: ikev2_add_error: NO_PROPOSAL_CHOSEN
spi=0x0a131729beeb819a: send CREATE_CHILD_SA res 0 peer 88.14.XXX.YYY:4500 local 192.168.1.210:4500, 65 bytes, NAT-T spi=0x0a131729beeb819a: recv INFORMATIONAL req 1 peer 88.14.XXX.YYY:4500 local 192.168.1.210:4500, 77 bytes, policy 'rathaus'
spi=0x0a131729beeb819a: ikev2_ikesa_recv_delete: received delete
spi=0x0a131729beeb819a: send INFORMATIONAL res 1 peer 88.14.XXX.YYY:4500 local 192.168.1.210:4500, 57 bytes, NAT-T
spi=0x0a131729beeb819a: sa_free: received delete

I got desperate and tried adding this to iked.conf, which didn't help:

childsa group modp2048 \
childsa group modp2048 noesn \
childsa enc aes-256-gcm group modp2048 \
childsa enc aes-256-gcm group modp2048 noesn \
childsa enc aes-256 group modp2048 \
childsa enc aes-256 group modp2048 noesn \
childsa enc aes-256-gcm group modp2048 prf hmac-sha2-256 \
childsa enc aes-256-gcm group modp2048 prf hmac-sha2-256 noesn \
childsa enc aes-256 group modp2048 prf hmac-sha2-256 \
childsa enc aes-256 group modp2048 prf hmac-sha2-256 noesn \
childsa enc aes-256 group modp2048 prf hmac-sha1 \
childsa enc aes-256 group modp2048 prf hmac-sha1 noesn \

Any ideas?
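To compare the router's proposal, as iked logged it in the `ikev2_log_proposal` lines above, against a `childsa` line in iked.conf transform by transform, here is a small added script (mine, not part of iked or this thread). It assumes the name table below, which maps iked's debug names to the iked.conf(5) transform names, and it only accepts the `childsa` keywords iked.conf(5) lists (`enc`, `auth`, `group`, `esn`/`noesn`); anything else is reported as unsupported.

```python
import re
from collections import defaultdict

# Constructed from the iked -d output quoted in the post.
SAMPLE_LOG = """\
spi=0x0a131729beeb819a: ikev2_log_proposal: ESP #1 ENCR=AES_GCM_16-256
spi=0x0a131729beeb819a: ikev2_log_proposal: ESP #1 ENCR=AES_CBC-256
spi=0x0a131729beeb819a: ikev2_log_proposal: ESP #1 INTEGR=HMAC_SHA2_256_128
spi=0x0a131729beeb819a: ikev2_log_proposal: ESP #1 INTEGR=HMAC_SHA1_96
spi=0x0a131729beeb819a: ikev2_log_proposal: ESP #1 ESN=NONE
"""
# iked debug names -> iked.conf(5) names (our own table, only the entries
# needed here; unknown names are passed through lower-cased).
NAME_MAP = {
    "ENCR": {"AES_GCM_16-256": "aes-256-gcm", "AES_CBC-256": "aes-256"},
    "INTEGR": {"HMAC_SHA2_256_128": "hmac-sha2-256", "HMAC_SHA1_96": "hmac-sha1"},
    "ESN": {"NONE": "noesn", "ESN": "esn"},
    "DH": {"MODP_2048": "modp2048"},
}
AEAD = {"aes-128-gcm", "aes-256-gcm", "chacha20-poly1305"}
KEYWORD_TYPE = {"enc": "ENCR", "auth": "INTEGR", "group": "DH"}
LOG_RE = re.compile(r"ikev2_log_proposal: (\w+) #(\d+) (\w+)=(\S+)")

def parse_iked_proposals(log_text):
    """Return {proposal_no: {xform_type: set of iked.conf names}}."""
    props = defaultdict(lambda: defaultdict(set))
    for proto, num, xtype, name in LOG_RE.findall(log_text):
        props[int(num)][xtype].add(NAME_MAP.get(xtype, {}).get(name, name.lower()))
    return props

def parse_childsa(line):
    """Parse one 'childsa enc .. auth .. group .. [esn|noesn]' config line."""
    spec, tokens = defaultdict(set), line.rstrip("\\").split()
    if not tokens or tokens[0] != "childsa":
        raise ValueError("not a childsa line")
    i = 1
    while i < len(tokens):
        if tokens[i] in ("esn", "noesn"):
            spec["ESN"].add(tokens[i]); i += 1
        elif tokens[i] in KEYWORD_TYPE and i + 1 < len(tokens):
            spec[KEYWORD_TYPE[tokens[i]]].add(tokens[i + 1]); i += 2
        else:
            raise ValueError(f"unsupported childsa keyword: {tokens[i]}")
    return spec

def overlap(peer, local):
    """Per transform type: None if the local line leaves the type unconstrained,
    else the peer transforms the local line also lists ([] = nothing in common,
    including a type the local line requires but the peer never offered)."""
    return {t: (None if t not in local else sorted(peer.get(t, set()) & local[t]))
            for t in sorted(set(peer) | set(local))}

def mixes_aead_with_integrity(prop):
    """True if one proposal offers an AEAD cipher next to a real INTEGR transform."""
    return bool(prop.get("ENCR", set()) & AEAD) and bool(prop.get("INTEGR", set()) - {"none"})
```

Running `overlap` with a `childsa ... group modp2048` line against the logged proposal yields an empty list for DH, since the router's CREATE_CHILD_SA carries no DH transform at all, and `mixes_aead_with_integrity` flags that ESP proposal 1 lists AES-GCM together with HMAC integrity transforms; both are worth checking when reading the NO_PROPOSAL_CHOSEN.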
