这是情况:
- GW 在 CentOS7 上安装了 Strongswan 5.7.2 并加载了这些插件:
charon pkcs11 tpm aesni aes des rc2 sha2 sha1 md4 md5 mgf1 随机 nonce x509 撤销约束 acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl gcrypt fips-prf gmp curve25519 chapoly xcbc cmac hmac ctr ccm gcm curl attr kernel-netlink resolve socket-default farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp eap-aka-3gpp2 eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp led duplicheck unity counters
同一个 CA 机构签署了所有证书(对于 GW 和客户端的身份)
客户端处于 Roadwarrior 模式,在 Windows 10 上
ipsec.conf:
# VPN connections
conn %default
mobike=yes
esp=aes256gcm128-sha512-modp4096,aes256-sha1-modp1024!
ike=aes256gcm128-sha512-modp4096,aes256-sha384-modp1024!
eap_identity=%any
keyexchange=ikev2
forceencaps=yes
auto=add
conn IKEv2-eap
leftauth=pubkey
leftfirewall=yes
leftcert=gwCert.pem
leftsubnet=0.0.0.0/0
right=%any
rightsourceip=10.3.0.0/24
rightsendcert=never
rightdns=134.158.128.2,134.158.128.6
rightauth=eap-tls
eap_identity=%identity
- ipsec.secrets:
# ipsec.secrets - strongSwan IPsec secrets file
: RSA gwKey.pem
- GW证书:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62767 (0xf52f)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=FR, O=Organization, CN=IntermediateAuthority
Validity
Not Before: May 20 13:26:11 2019 GMT
Not After : May 19 13:26:11 2021 GMT
Subject: C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
...
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
Netscape Cert Type:
SSL Client, SSL Server
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Netscape Comment:
Certificat serveur IntermediateAuthority
X509v3 Subject Key Identifier:
...
X509v3 Authority Key Identifier:
keyid:...
DirName:/C=FR/O=Organization/CN=RootAuthority
serial:03
X509v3 Subject Alternative Name:
email:[email protected]
X509v3 CRL Distribution Points:
Full Name:
URI:http://crls.domain.tld/IntermediateAuthority/getder.crl
Signature Algorithm: sha1WithRSAEncryption
...
- 客户证书:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62711 (0xf4f7)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=FR, O=Organization, CN=IntermediateAuthority
Validity
Not Before: May 15 08:58:59 2019 GMT
Not After : May 14 08:58:59 2021 GMT
Subject: C=FR, O=Organization, OU=OUnit, CN=My Name/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
...
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
Netscape Cert Type:
SSL Client, S/MIME, Object Signing
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
Netscape Comment:
Certificat IntermediateAuthority.
X509v3 Subject Key Identifier:
...
X509v3 Authority Key Identifier:
keyid:...
DirName:/C=FR/O=Organization/CN=RootAuthority
serial:03
X509v3 Subject Alternative Name:
email:[email protected]
X509v3 CRL Distribution Points:
Full Name:
URI:http://crls.domain.tld/IntermediateAuthority/getder.crl
Signature Algorithm: sha1WithRSAEncryption
...
- charon.log:
May 21 10:27:04 00[DMN] Starting IKE charon daemon (strongSwan 5.7.2, Linux 3.10.0-957.12.2.el7.x86_64, x86_64)
May 21 10:27:04 00[CFG] PKCS11 module '<name>' lacks library path
May 21 10:27:04 00[LIB] openssl FIPS mode(2) - enabled
May 21 10:27:04 00[CFG] loading ca certificates from '/etc/strongswan/ipsec.d/cacerts'
May 21 10:27:04 00[CFG] loaded ca certificate "C=FR, O=Organization, CN=IntermediateAuthority" from '/etc/strongswan/ipsec.d/cacerts/ca-std.pem'
May 21 10:27:04 00[CFG] loaded ca certificate "C=FR, O=Organization, CN=RootAuthority" from '/etc/strongswan/ipsec.d/cacerts/ca.pem'
May 21 10:27:04 00[CFG] loading aa certificates from '/etc/strongswan/ipsec.d/aacerts'
May 21 10:27:04 00[CFG] loading ocsp signer certificates from '/etc/strongswan/ipsec.d/ocspcerts'
May 21 10:27:04 00[CFG] loading attribute certificates from '/etc/strongswan/ipsec.d/acerts'
May 21 10:27:04 00[CFG] loading crls from '/etc/strongswan/ipsec.d/crls'
May 21 10:27:04 00[CFG] loading secrets from '/etc/strongswan/ipsec.secrets'
May 21 10:27:04 00[CFG] loaded RSA private key from '/etc/strongswan/ipsec.d/private/gwKey.pem'
May 21 10:27:04 00[CFG] loaded EAP secret for user
May 21 10:27:04 00[CFG] loaded EAP secret for My Name
May 21 10:27:04 00[CFG] opening triplet file /etc/strongswan/ipsec.d/triplets.dat failed: No such file or directory
May 21 10:27:04 00[CFG] loaded 0 RADIUS server configurations
May 21 10:27:04 00[CFG] HA config misses local/remote address
May 21 10:27:04 00[CFG] no script for ext-auth script defined, disabled
May 21 10:27:04 00[LIB] loaded plugins: charon pkcs11 tpm aesni aes des rc2 sha2 sha1 md4 md5 mgf1 random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl gcrypt fips-prf gmp curve25519 chapoly xcbc cmac hmac ctr ccm gcm curl attr kernel-netlink resolve socket-default farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp eap-aka-3gpp2 eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp led duplicheck unity counters
May 21 10:27:04 00[JOB] spawning 16 worker threads
May 21 10:27:04 05[CFG] received stroke: add connection 'IKEv2-eap'
May 21 10:27:04 05[CFG] adding virtual IP address pool 10.3.0.0/24
May 21 10:27:04 05[CFG] loaded certificate "C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, [email protected]" from 'gwCert.pem'
May 21 10:27:04 05[CFG] id '%any' not confirmed by certificate, defaulting to 'C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, [email protected]'
May 21 10:27:04 05[CFG] added configuration 'IKEv2-eap'
May 21 10:27:11 12[NET] <1> received packet: from 172.10.128.210[500] to 172.10.130.248[500] (624 bytes)
May 21 10:27:11 12[ENC] <1> parsed IKE_SA_INIT request 0 [ SA KE No N(FRAG_SUP) N(NATD_S_IP) N(NATD_D_IP) V V V V ]
May 21 10:27:11 12[IKE] <1> received MS NT5 ISAKMPOAKLEY v9 vendor ID
May 21 10:27:11 12[IKE] <1> received MS-Negotiation Discovery Capable vendor ID
May 21 10:27:11 12[IKE] <1> received Vid-Initial-Contact vendor ID
May 21 10:27:11 12[ENC] <1> received unknown vendor ID: 01:52:8b:bb:c0:06:96:12:18:49:ab:9a:1c:5b:2a:51:00:00:00:02
May 21 10:27:11 12[IKE] <1> 172.10.128.210 is initiating an IKE_SA
May 21 10:27:11 12[CFG] <1> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024
May 21 10:27:11 12[IKE] <1> faking NAT situation to enforce UDP encapsulation
May 21 10:27:11 12[ENC] <1> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(MULT_AUTH) ]
May 21 10:27:11 12[NET] <1> sending packet: from 172.10.130.248[500] to 172.10.128.210[500] (320 bytes)
May 21 10:27:11 15[NET] <1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes)
May 21 10:27:11 15[ENC] <1> parsed IKE_AUTH request 1 [ EF(1/3) ]
May 21 10:27:11 15[ENC] <1> received fragment #1 of 3, waiting for complete IKE message
May 21 10:27:11 15[NET] <1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes)
May 21 10:27:11 15[ENC] <1> parsed IKE_AUTH request 1 [ EF(2/3) ]
May 21 10:27:11 15[ENC] <1> received fragment #2 of 3, waiting for complete IKE message
May 21 10:27:11 16[NET] <1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (332 bytes)
May 21 10:27:11 16[ENC] <1> parsed IKE_AUTH request 1 [ EF(3/3) ]
May 21 10:27:11 16[ENC] <1> received fragment #3 of 3, reassembled fragmented IKE message (1320 bytes)
May 21 10:27:11 16[ENC] <1> parsed IKE_AUTH request 1 [ IDi CERTREQ N(MOBIKE_SUP) CPRQ(ADDR DNS NBNS SRV) SA TSi TSr ]
May 21 10:27:11 16[IKE] <1> received cert request for "C=FR, O=Organization, CN=IntermediateAuthority"
May 21 10:27:11 16[IKE] <1> received cert request for "C=FR, O=Organization, CN=RootAuthority"
May 21 10:27:11 16[IKE] <1> received 47 cert requests for an unknown ca
May 21 10:27:11 16[CFG] <1> looking for peer configs matching 172.10.130.248[%any]...172.10.128.210[172.10.128.210]
May 21 10:27:11 16[CFG] <IKEv2-eap|1> selected peer config 'IKEv2-eap'
May 21 10:27:11 16[IKE] <IKEv2-eap|1> initiating EAP_IDENTITY method (id 0x00)
May 21 10:27:11 16[IKE] <IKEv2-eap|1> peer supports MOBIKE
May 21 10:27:11 16[IKE] <IKEv2-eap|1> authentication of 'C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, [email protected]' (myself) with RSA signature successful
May 21 10:27:11 16[IKE] <IKEv2-eap|1> sending end entity cert "C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, [email protected]"
May 21 10:27:11 16[ENC] <IKEv2-eap|1> generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
May 21 10:27:11 16[ENC] <IKEv2-eap|1> splitting IKE message (1656 bytes) into 2 fragments
May 21 10:27:11 16[ENC] <IKEv2-eap|1> generating IKE_AUTH response 1 [ EF(1/2) ]
May 21 10:27:11 16[ENC] <IKEv2-eap|1> generating IKE_AUTH response 1 [ EF(2/2) ]
May 21 10:27:11 16[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (1244 bytes)
May 21 10:27:11 16[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (492 bytes)
May 21 10:27:11 15[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (104 bytes)
May 21 10:27:11 15[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 2 [ EAP/RES/ID ]
May 21 10:27:11 15[IKE] <IKEv2-eap|1> received EAP identity 'My Name'
May 21 10:27:11 15[IKE] <IKEv2-eap|1> initiating EAP_TLS method (id 0xC9)
May 21 10:27:11 15[ENC] <IKEv2-eap|1> generating IKE_AUTH response 2 [ EAP/REQ/TLS ]
May 21 10:27:11 15[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (88 bytes)
May 21 10:27:11 07[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (248 bytes)
May 21 10:27:11 07[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 3 [ EAP/RES/TLS ]
May 21 10:27:11 07[TLS] <IKEv2-eap|1> negotiated TLS 1.2 using suite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
May 21 10:27:11 07[TLS] <IKEv2-eap|1> sending TLS server certificate 'C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, [email protected]'
May 21 10:27:11 07[TLS] <IKEv2-eap|1> sending TLS intermediate certificate 'C=FR, O=Organization, CN=IntermediateAuthority'
May 21 10:27:11 07[TLS] <IKEv2-eap|1> sending TLS cert request for 'C=FR, O=Organization, CN=IntermediateAuthority'
May 21 10:27:11 07[TLS] <IKEv2-eap|1> sending TLS cert request for 'C=FR, O=Organization, CN=RootAuthority'
May 21 10:27:11 07[ENC] <IKEv2-eap|1> generating IKE_AUTH response 3 [ EAP/REQ/TLS ]
May 21 10:27:11 07[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (1112 bytes)
May 21 10:27:11 05[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (88 bytes)
May 21 10:27:11 05[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 4 [ EAP/RES/TLS ]
May 21 10:27:11 05[ENC] <IKEv2-eap|1> generating IKE_AUTH response 4 [ EAP/REQ/TLS ]
May 21 10:27:11 05[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (1112 bytes)
May 21 10:27:11 08[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (88 bytes)
May 21 10:27:11 08[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 5 [ EAP/RES/TLS ]
May 21 10:27:11 08[ENC] <IKEv2-eap|1> generating IKE_AUTH response 5 [ EAP/REQ/TLS ]
May 21 10:27:11 08[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (744 bytes)
May 21 10:27:11 09[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes)
May 21 10:27:11 09[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 6 [ EF(1/3) ]
May 21 10:27:11 09[ENC] <IKEv2-eap|1> received fragment #1 of 3, waiting for complete IKE message
May 21 10:27:11 09[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes)
May 21 10:27:11 09[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 6 [ EF(2/3) ]
May 21 10:27:11 09[ENC] <IKEv2-eap|1> received fragment #2 of 3, waiting for complete IKE message
May 21 10:27:11 09[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (492 bytes)
May 21 10:27:11 09[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 6 [ EF(3/3) ]
May 21 10:27:11 09[ENC] <IKEv2-eap|1> received fragment #3 of 3, reassembled fragmented IKE message (1480 bytes)
May 21 10:27:11 09[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 6 [ EAP/RES/TLS ]
May 21 10:27:11 09[ENC] <IKEv2-eap|1> generating IKE_AUTH response 6 [ EAP/REQ/TLS ]
May 21 10:27:11 09[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (88 bytes)
May 21 10:27:11 13[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes)
May 21 10:27:11 13[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 7 [ EF(1/3) ]
May 21 10:27:11 13[ENC] <IKEv2-eap|1> received fragment #1 of 3, waiting for complete IKE message
May 21 10:27:11 13[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes)
May 21 10:27:11 13[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 7 [ EF(2/3) ]
May 21 10:27:11 13[ENC] <IKEv2-eap|1> received fragment #2 of 3, waiting for complete IKE message
May 21 10:27:11 13[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (316 bytes)
May 21 10:27:11 13[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 7 [ EF(3/3) ]
May 21 10:27:11 13[ENC] <IKEv2-eap|1> received fragment #3 of 3, reassembled fragmented IKE message (1304 bytes)
May 21 10:27:11 13[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 7 [ EAP/RES/TLS ]
May 21 10:27:11 13[TLS] <IKEv2-eap|1> received TLS peer certificate 'C=FR, O=Organization, OU=OUnit, CN=My Name, [email protected]'
May 21 10:27:11 13[TLS] <IKEv2-eap|1> received TLS intermediate certificate 'C=FR, O=Organization, CN=IntermediateAuthority'
May 21 10:27:11 13[TLS] <IKEv2-eap|1> no trusted certificate found for 'My Name' to verify TLS peer
May 21 10:27:11 13[TLS] <IKEv2-eap|1> sending fatal TLS alert 'certificate unknown'
May 21 10:27:11 13[ENC] <IKEv2-eap|1> generating IKE_AUTH response 7 [ EAP/REQ/TLS ]
May 21 10:27:11 13[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (104 bytes)
May 21 10:27:11 06[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (88 bytes)
May 21 10:27:11 06[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 8 [ EAP/RES/TLS ]
May 21 10:27:11 06[IKE] <IKEv2-eap|1> EAP method EAP_TLS failed for peer 172.10.128.210
May 21 10:27:11 06[ENC] <IKEv2-eap|1> generating IKE_AUTH response 8 [ EAP/FAIL ]
May 21 10:27:11 06[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (88 bytes)
- 主机名 GW:vpn.domain.tld
问题是我的 Windows 客户端安装隧道,但不接受身份验证可能是因为 charon.log 中的这些行:
May 21 10:27:11 13[TLS] <IKEv2-eap|1> received TLS peer certificate 'C=FR, O=Organization, OU=OUnit, CN=My Name, [email protected]'
May 21 10:27:11 13[TLS] <IKEv2-eap|1> received TLS intermediate certificate 'C=FR, O=Organization, CN=IntermediateAuthority'
May 21 10:27:11 13[TLS] <IKEv2-eap|1> no trusted certificate found for 'My Name' to verify TLS peer
May 21 10:27:11 13[TLS] <IKEv2-eap|1> sending fatal TLS alert 'certificate unknown'
我的配置有什么问题?
客户端发送的 EAP 身份(显然是“我的名字”)与完整的主题专有名称 (DN) 或任何主题可选名称 (SAN) 扩展的值和类型都不匹配。由于 strongSwan 不会将身份与 DN 的某些部分进行匹配,例如
CN
相对专有名称 (RDN) - 甚至对于 EAP-TLS 也不适用 - 找不到用于确认身份的证书。两种可能的解决方案:
如果客户端允许,让它发送一个不同的身份,例如完整的 DN,或电子邮件地址,它作为 SAN 包含在证书中。不过,我认为这对于 Windows 客户端是不可能的。
如果客户端总是将
CN
RDN 的值作为 EAP 身份发送,则需要更改客户端证书:CN
以匹配其中一个 SAN,在这种情况下,您可以将其设置为电子邮件地址(如有必要,该人的姓名可以编码为S
- 对于姓氏 - 和G
- 对于给定名称 - DN 中的 RDN)。CN
值匹配。虽然这在技术上不是一个有效的域名(由于空格),但它应该与 EAP 身份匹配,因为它被 strongSwan解析为类型的身份ID_FQDN
(这是它的后备类型)。