主页 / unix / 问题 / 750097
Accepted
The Coding Penguin
Asked: 2023-06-28 23:32:46 +0800 CST

IPSec 隧道一直有效,直到重新生成密钥,然后获取 NO_PROPOSAL_CHOSEN

  • 772

语境

我在办公室的 Raspberry Pi 和云中的 pfSense 防火墙之间建立了一条站点到站点的 IPSec 隧道。我在 Raspberry Pi 端使用 Strongswan。

问题

我的隧道建立并运行良好一段时间,但当它必须自行重新加密时,协商失败。

我是否缺少一些明显的东西?

日志(Raspberry 侧)

初始连接

raspberrypi charon[2422]: 09[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
raspberrypi charon[2422]: 09[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA2_256_128/NO_EXT_SEQ
raspberrypi charon[2422]: 09[IKE] CHILD_SA net-net{1} established with SPIs c3eaa3c7_i c944ab71_o and TS RASPI_NET/24 === PFSENSE_NET/16
raspberrypi charon[2422]: 09[IKE] CHILD_SA net-net{1} established with SPIs c3eaa3c7_i c944ab71_o and TS RASPI_NET/24 === PFSENSE_NET/16

重新生成密钥(这就是出错的地方)

raspberrypi charon[507]: 11[NET] received packet: from PFSENSE_IP[4500] to RASPI_LOCAL_IP[4500] (80 bytes)
raspberrypi charon[507]: 11[ENC] parsed INFORMATIONAL request 153 [ D ]
raspberrypi charon[507]: 11[IKE] received DELETE for ESP CHILD_SA with SPI ce632e5b
raspberrypi charon[507]: 11[IKE] closing CHILD_SA net-net{1} with SPIs ccc38dd0_i (94042284 bytes) ce632e5b_o (5169556 bytes) and TS RASPI_NET/24 === PFSENSE_NET/16
raspberrypi charon[507]: 11[IKE] closing CHILD_SA net-net{1} with SPIs ccc38dd0_i (94042284 bytes) ce632e5b_o (5169556 bytes) and TS RASPI_NET/24 === PFSENSE_NET/16
raspberrypi charon[507]: 11[IKE] sending DELETE for ESP CHILD_SA with SPI ccc38dd0
raspberrypi charon[507]: 11[IKE] CHILD_SA closed
raspberrypi charon[507]: 11[ENC] generating INFORMATIONAL response 153 [ D ]
raspberrypi charon[507]: 11[NET] sending packet: from RASPI_LOCAL_IP[4500] to PFSENSE_IP[4500] (80 bytes)
raspberrypi charon[507]: 12[NET] received packet: from PFSENSE_IP[4500] to RASPI_LOCAL_IP[4500] (80 bytes)
raspberrypi charon[507]: 12[ENC] parsed INFORMATIONAL request 154 [ ]
raspberrypi charon[507]: 12[ENC] generating INFORMATIONAL response 154 [ ]
raspberrypi charon[507]: 12[NET] sending packet: from RASPI_LOCAL_IP[4500] to PFSENSE_IP[4500] (80 bytes)
raspberrypi charon[507]: 06[NET] received packet: from PFSENSE_IP[4500] to RASPI_LOCAL_IP[4500] (640 bytes)
raspberrypi charon[507]: 06[ENC] parsed CREATE_CHILD_SA request 155 [ N(ESP_TFC_PAD_N) SA No KE TSi TSr ]
raspberrypi charon[507]: 06[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
raspberrypi charon[507]: 06[CFG] received proposals: ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_16_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
raspberrypi charon[507]: 06[CFG] configured proposals: ESP:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256, ESP:AES_CBC_128/AES_CBC_192/AES_CBC_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_SHA1_96/AES_XCBC_96/NO_EXT_SEQ
raspberrypi charon[507]: 06[IKE] no acceptable proposal found
raspberrypi charon[507]: 06[IKE] failed to establish CHILD_SA, keeping IKE_SA
raspberrypi charon[507]: 06[ENC] generating CREATE_CHILD_SA response 155 [ N(NO_PROP) ]
raspberrypi charon[507]: 06[NET] sending packet: from RASPI_LOCAL_IP[4500] to PFSENSE_IP[4500] (80 bytes)
raspberrypi charon[507]: 01[JOB] CHILD_SA ESP/0xccc38dd0/RASPI_LOCAL_IP not found for rekey
raspberrypi charon[507]: 08[JOB] CHILD_SA ESP/0xccc38dd0/RASPI_LOCAL_IP not found for rekey

我尝试过做什么

如果我通过 SSH 连接到 Raspberry 并运行ipsec restart,隧道将再次建立并正常工作,直到下一次重新生成密钥。

我无法理解为什么这些建议在重新生成密钥时不匹配(如果它们与初始连接匹配)。此外,我确实在 swanctl 配置文件中要求了不同的算法。

我尝试更改两侧的配置,但问题似乎始终位于 Raspberry 一侧(顺便说一句,pfSense 仅适用于响应程序)。

配置文件

/etc/swanctl/conf.d/myfile.conf

connections {
  gw-gw {
    local_addrs = RASPI_LAN_IP
    remote_addrs = PFSENSE_IP
    local {
      auth = psk
      id = RASPI_PUBLIC_IP
    }
    remote {
      auth = psk
      id = PFSENSE_IP
    }
    children {
      net-net {
        local_ts = RASPI_NET/24
        remote_ts = PFSENSE_NET/16
        start_action = start
        dpd_action = restart
      }
    }
    version = 2
    dpd_delay = 60
    mobike = no
    proposals = aes128-sha256-modp2048,default
  }
}

secrets {
  ike-1 {
    id-1 = RASPI_PUBLIC_IP
    id-2 = PFSENSE_IP
    secret = "MYPSK"
  }
}

pfSense

阶段1

阶段1

阶段2

阶段2

ipsec

1 个回答

  1. Best Answer

    此外,我确实在 swanctl 配置文件中要求了不同的算法。

    您仅针对 IKE 这样做,而不是针对 ESP/IPsec。

    我无法理解为什么这些建议在重新生成密钥时不匹配(如果它们与初始连接匹配)。

    这是对 IKEv2 的常见误解。为 IKE_AUTH 期间创建的 CHILD_SA (IPsec SA) 协商的提议不包含任何密钥交换方法(例如 DH 组),因为密钥始终源自 IKE_SA 的密钥材料。

    因此,如果一个对等点(在您的情况下是 pfSense)配置了一个或多个 DH 组(并且也不包含NONE),而另一个(strongSwan)没有配置,则在 CHILD_SA 实际重新生成密钥并且必须协商密钥交换方法。关于重新生成 CHILD_SAs 密钥的 StrongSwan 文档也对此进行了描述。

    所以你想要在strongSwan客户端上配置的是这样的:

    connections {
  gw-gw {
    ...
    children {
      net-net {
        ...
        esp_proposals = aes128gcm16-modp2048
      }
    }
    ...
  }
}
    • 3

相关问题