最後更新: 2021-01-14

介紹

IPSec 多用於 Site2Site VPN, 以下內容主要是說明 Site2Site VPN 的安裝

Diagram

       Site A(10.0.0.88) <-> (10.0.0.160)Site B(DC)
(192.168.88.x/24)                    (192.168.160.x/24)

目錄

• Installation
• OS Setting
• Firewall Setting
• Configure
• CLI - strongswan
• Disable charon 's DHCP
• NAT Traversal (NAT-T)
• CLI - swanctl

 

---

Installation

 

Setup

# OS: Centos7, strongswan-5.7.2

yum install epel-release

yum install strongswan

Enable Service

systemctl start strongswan

systemctl enable strongswan

Checking

netstat -nlup | grep charon

udp        0      0 0.0.0.0:4500            0.0.0.0:*                           3194/charon
udp        0      0 0.0.0.0:500             0.0.0.0:*                           3194/charon
udp        0      0 0.0.0.0:68              0.0.0.0:*                           3194/charon

strongswan version

Linux strongSwan U5.7.2/K3.10.0-1160.11.1.el7.x86_64
University of Applied Sciences Rapperswil, Switzerland
See 'strongswan --copyright' for copyright information.

strongswan --help

 

---

OS Setting

 

/etc/sysctl.conf

# Disable sending of ICMP redirects and Reverse Path filters

# IPSec Settings
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.all.rp_filter = 0

# forwarding

net.ipv4.ip_forward = 1

sysctl -p

 

---

Firewall Setting

 

#Site A

/etc/sysconfig/iptables

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
...
#### IPSec Settins
-A INPUT -p udp --dport 500  -s 10.0.0.160 -j ACCEPT
-A INPUT -p udp --dport 4500 -s 10.0.0.160 -j ACCEPT
-A FORWARD -s 192.168.88.0/24  -d 192.168.10.0/24 -j ACCEPT
-A FORWARD -s 192.168.160.0/24 -d 192.168.88.0/24 -j ACCEPT
...
#### Last Rule
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
#### Another Side point GW to Local Side
-A POSTROUTING -s 192.168.160.0/24 -o ens5 -j MASQUERADE
COMMIT

 

---

Configure

 

Config File Location

cd /etc/strongswan

File: ipsec.secrets

# man strongswan_ipsec.secrets

strongSwan 的 IKE 會讀它

Generate Preshared Key

openssl rand -base64 16                                           # 方法1

cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 24       # 方法2

ipsec.secrets

10.0.0.88 10.0.0.160 : PSK "????"

Format

# comment
[ <selectors> ] : PSK <Secret>

separated by a colon (:) that is surrounded by whitespace

A selector is an IP address / a Fully Qualified Domain Name or %any

Secret Format

• string
• 0x is interpreted as sequence of hexadecimal digits
• 0s is interpreted as Base64 encoded binary data.

File: strongswan.conf

# man strongswan.conf

charon {
        load_modular = yes
        plugins {
                include strongswan.d/charon/*.conf
        }
}

include strongswan.d/*.conf

ipsec.conf

# man strongswan_ipsec.conf

config setup
        charondebug="all"
        uniqueids=yes

conn dc-to-office
        auto=start
        type=tunnel
        keyexchange=ikev2
        authby=psk
        # Net
        left=10.0.0.160
        leftsubnet=192.168.160.0/24
        right=10.0.0.88
        rightsubnet=192.168.88.0/24
        # Enc
        ike=aes256-sha1-modp2048!
        esp=aes256-sha1-modp2048!
        # lifetime
        keyingtries=%forever
        ikelifetime=86400s
        lifetime=3600s
        # DPD
        dpdaction=restart
        dpddelay=10s
        # IKEv1 Setting, 由於用 ikev2, 所以可略過它
        #aggressive=no
        #dpdtimeout=120s

說明

uniqueids = yes (default)

whether a particular participant ID should  be kept unique,

with any new IKE_SA using an ID deemed to replace all old ones using that ID;

auto

ipsec 啟動時此 conn 是否啟動(add,  route,  start  and ignore (the  default))

add: loads a connection without starting it.

route: loads a connection and installs kernel traps.

start: loads a connection and brings  it up immediately.

ignore: ignores the connection.

keyexchange = ike(Default) | ikev1 | ikev2

left or right

left or right is arbitrary, 與 local remote 無關

ike = <cipher suites>

comma-separated list of IKE/ISAKMP SA encryption/authentication

Format: encryption-integrity[-prf]-dhgroup

If no PRF is given, the algorithms defined for integrity are used for the PRF.

i.e.

aes256-sha256-modp2048

In IKEv2, multiple algorithms and  proposals  may  be  included

aes128-aes256-sha1-modp3072-modp2048,3des-sha1-md5-modp1024

The  daemon adds its extensive default proposal to this default or the configured value.

To restrict  it  to the configured proposal an exclamation mark (!) can be added at the end.

esp = <cipher suites>

encryption-integrity[-dhgroup][-esnmode]

aes256-sha128

keyingtries = 3 (default)

how many attempts should be made to negotiate a connection,

or a replacement for one, before  giving up.

dpddelay

the period time interval with which R_U_THERE messages/INFORMATIONAL

exchanges are sent to the peer.

These are only sent if no other traffic is received.

IKEv1 Setting

aggressive

    whether to use IKEv1 Aggressive or Main Mode (the default)

dpdtimeout

    only applies to IKEv1. In IKEv2 the default retransmission timeout applies

 

---

CLI - strongswan

 

ipsec - invoke IPsec utilities

# man strongswan

Start / Stop

start

calls starter which in turn parses ipsec.conf and starts the IKE daemon charon

stop

terminates all IPsec connections and stops the IKE daemon charon by sending a TERM signal to starter

restart

stop followed by start

update

update sends a HUP signal to starter which in turn determines any changes in ipsec.conf and

(/usr/libexec/strongswan/starter)

updates the configuration on the running IKE daemon charon

reload

sends a USR1 signal to starter which in turn reloads

the whole configuration of the running IKE daemon charon based on the actual ipsec.conf

up / down <name>

tells the IKE daemon to start up connection name.

tells the IKE daemon to terminate connection name

route name / unroute <name>

tells the responsible IKE daemon to insert an IPsec policy in the kernel for connection name.

The first payload packet matching the IPsec policy will  automatically  trigger  an IKE connection setup.

i.e.

strongswan start

Starting strongSwan 5.7.2 IPsec [starter]...

Status

strongswan status

# No connection

Security Associations (0 up, 0 connecting):
  none

# Phase 1 Only

Security Associations (1 up, 0 connecting):
dc-to-office[1]: ESTABLISHED 13 seconds ago, 192.168.160.253[192.168.160.253]...r.r.r.r[r.r.r.r]

# Phase 1 & 2

Security Associations (1 up, 0 connecting):
dc-to-office[2]: ESTABLISHED 13 minutes ago, 192.168.160.253[192.168.160.253]...r.r.r.r[r.r.r.r]
dc-to-office{2}:  INSTALLED, TUNNEL, reqid 1, ESP in UDP SPIs: c2a228a0_i 084d41ec_o
dc-to-office{2}:   192.168.160.0/24[icmp] === 192.168.88.0/24[icmp]

[icmp] 只可以比 icmp traffice 過

statusall

Status of IKE charon daemon (strongSwan 5.7.2, Linux 3.10.0-1160.11.1.el7.x86_64, x86_64):
  uptime: 8 minutes, since Jan 14 03:13:45 2021
  malloc: sbrk 2666496, mmap 0, used 581424, free 2085072
  worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 0
  loaded plugins: charon ...
Listening IP addresses:
  192.168.160.253
Connections:
Security Associations (0 up, 0 connecting):
  none

Other

rereadsecrets

flushes and rereads all secrets defined in ipsec.secrets

resetcounters [name]

resets global or connection specific counters.

listalgs

List of registered IKE algorithms

Log

/var/log/messages

 

---

ID Setting

 

# 錯 ID(X.X.X.X) 導致 AUTH_FAILED

# Strongswan log

... charon: 13[NET] received packet: from R.R.R.R[4500] to 192.168.160.253[4500] (518 bytes)
... charon: 13[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N((40002)) N(FRAG_SUP) V V V ]
... charon: 13[ENC] received unknown vendor ID: 69:93:...
... charon: 13[ENC] received unknown vendor ID: 09:00:...
... charon: 13[ENC] received unknown vendor ID: fd:80:...
... charon: 13[IKE] R.R.R.R is initiating an IKE_SA
... charon: 13[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
... charon: 13[IKE] local host is behind NAT, sending keep alives
... charon: 13[IKE] remote host is behind NAT
... charon: 13[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(MULT_AUTH) ]
... charon: 13[NET] sending packet: from 192.168.160.253[4500] to R.R.R.R[4500] (448 bytes)
... charon: 14[NET] received packet: from R.R.R.R[4500] to 192.168.160.253[4500] (256 bytes)
... charon: 14[ENC] parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(INIT_CONTACT) N(SET_WINSIZE) ]
... charon: 14[CFG] looking for peer configs matching 192.168.160.253[X.X.X.X]...R.R.R.R[R.R.R.R]
... charon: 14[CFG] no matching peer config found
... charon: 14[ENC] generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
... charon: 14[NET] sending packet: from 192.168.160.253[4500] to R.R.R.R[4500] (80 bytes)

Strongswan Setting

ipsec.conf

conn dc-to-office
        auto=start
        type=tunnel
        keyexchange=ikev2
        authby=psk
        # DC
        left=10.0.0.160
        leftsubnet=192.168.160.0/24
        leftid=10.0.0.160
        ...

leftid = <Local-ID> | rightid = <Remote-ID>

how the left participant should be identified for authentication;

defaults to left or the subject of the certificate configured with leftcert.

---

If leftcert is configured the identity has to be confirmed by the certificate.

Can be an IP address / a fully-qualified domain name, ...

Juniper Setting

security {
    ike {
        gateway gw1 {
            ...
            local-identity inet L.L.L.L;
            remote-identity inet X.X.X.X;
        }
    }
}

 

---

Disable charon 's DHCP

 

/etc/strongswan/strongswan.d/charon/dhcp.conf

dhcp {
    load = no
}

 

---

NAT Traversal (NAT-T)

 

The IKEv2 protocol includes NAT traversal (NAT-T) in the core standard, but it's optional to implement.

    strongSwan implements it and does not require any special configuration.

If a NAT situation is detected, the client switches to UDP port 4500 to send the IKE_AUTH request

    (only if it used UDP port 500 initially) and UDP encapsulation will be activated for IPsec SAs.

NAT-T cannot be disabled in the charon IKE daemon.

    If you don't like the automatic port floating to UDP/4500 due to the "MOBIKE protocol"

    (which happens even if no NAT situation exists)

    then you can disable MOBIKE by disabling the mobike option in your connection definition.

Forced UDP encapsulation for ESP packets

ipsec.conf

forceencaps = yes

The daemon will send a fake NAT_DETECTION_SOURCE_IP notify payload so it looks to the peer as if there is a NAT situation.

NAT-T Keepalives

strongswan.d/charon.conf

charon {
    keep_alive = 20s
}

 

---

CLI - swanctl

 

# man swanctl

strongSwan configuration, control and monitoring command line interface

-L, --list-conns            # list loaded configurations

dc-to-office: IKEv2, reauthentication every 85860s, no rekeying, dpd delay 10s
  local:  L.L.L.L
  remote: R.R.R.R
  local pre-shared key authentication:
    id: Local-ID
  remote pre-shared key authentication:
    id: Remote-ID
  dc-to-office: TUNNEL, rekeying every 3060s, dpd action is restart
    local:  192.168.160.0/24
    remote: 192.168.161.0/24

-l, --list-sas                # list currently active IKE_SAs

dc-to-office: #1, ESTABLISHED, IKEv2, dbe5b3ccda2068da_i* a64858a4055a0700_r
  local  'Local-ID' @ L.L.L.L[4500]
  remote 'Remote-ID' @ R.R.R.R[4500]
  AES_CBC-256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  established 23998s ago, reauth in 61835s
  dc-to-office: #9, reqid 1, INSTALLED, TUNNEL-in-UDP, ESP:AES_CBC-256/HMAC_SHA1_96/MODP_2048
    installed 2333s ago, rekeying in 515s, expires in 1267s
    in  c9a3159b, 3326087 bytes, 16527 packets,     0s ago
    out 0685f180, 4982029 bytes, 10073 packets,     1s ago
    local  192.168.160.0/24
    remote 192.168.161.0/24

-S, --stats                  # show daemon infos and statistics

uptime: 23 minutes, since Jan 14 09:14:59 2021
worker threads: 16 total, 11 idle, working: 4/0/1/0
job queues: 0/0/0/0
jobs scheduled: 4
IKE_SAs: 1 total, 0 half-open
mallinfo: sbrk 2666496, mmap 0, used 606480, free 2060016
loaded plugins: charon ...

 

---