I am configuring Strongswan server for VPN clients to access internal network (EAP-IKEv2). I set it up successfully using self-signed server certificates and it works for clients using Mac OS X, Windows 7 and Windows 10 after adding ca.crt to the clients' Root CA's as trusted.
Now I would like to switch to Letsencrypt certificates which should be trusted without any additional client-side configuration and unfortunately I cannot get it working for some reason.
Server: Strongswan version 5.6.2 on Ubuntu 18.04. Client: Mac OS X 10.14.2 / Ubuntu 18.04 / Windows 7 / Windows 10
Mac OS X VPN error I receive is: The VPN server did not respond. Just for comparison with self-signed certificates without adding ca.crt to Mac OS I would receive User Authentication failed.
When I copy server.crt to the client it says This certificate is valid.
I also tried to set IP Security (IPsec) for DST ROOT CA X3 certificate to Always trust and any other Letsencrypt related CA certificates in Mac OS but that didn't help.
I also tried to enforce Always Trust for server.crt cert but still no luck.
I tested all of the mentioned OSes (Linux using strongswan network-manager applet) and it did not work.
Because I could not get any reasonable debug logs from Mac OS and Windows I set up Strongswan client on other server using Ubuntu without network-manager applet. It started working after copying DST_Root_CA_X3.pem certificate from /etc/ssl/certs to /etc/ipsec.d/cacerts on the client.
I have 3 questions:
- How to get any debug logging from Mac OS native VPN client?
- Does Strongswan VPN even work with Letsencrypt certificates? What could be the problem here?
- Do you recommend any alternative that might be working? Racoon, Openswan? Let me leave OpenVPN as plan B.
Below you can find all the details.
Thank you for helping me out. I would appreciate any input.
Server
$ certbot certonly --rsa-key-size 2048 --standalone --agree-tos --no-eff-email --email info@company.com -d vpn.company.com
$ cp /etc/letsencrypt/live/vpn.company.com/fullchain.pem /etc/ipsec.d/certs/server.crt
$ cp /etc/letsencrypt/live/vpn.company.com/privkey.pem /etc/ipsec.d/private/server.key
I know that strongswan reads only first certificate found in server.crt. Still it does not work with second chain cert removed. It also does not work if I try to add chain.pem to /etc/ipsec.d/cacerts or any other CA certs from /etc/ssl/certs which is understood because CAcerts on server does not have impact on client auth.
I also tested converting certificates to DER and PEM formats.
PKI verify
$ ipsec pki --verify --in /etc/ipsec.d/certs/server.crt
no issuer certificate found for "CN=vpn.company.com"
issuer is "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3"
using trusted certificate "CN=vpn.company.com"
certificate trusted, lifetimes valid
Certificate details
$ openssl x509 -in certs/server.crt -noout -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:50:51:[...]
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
Validity
Not Before: Mar 1 13:40:42 2019 GMT
Not After : May 30 13:40:42 2019 GMT
Subject: CN = vpn.company.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:e3:a8:ea:8e:[...]
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
EC:6A:[...]
X509v3 Authority Key Identifier:
keyid:A8:4A:6A:[...]
Authority Information Access:
OCSP - URI:http://ocsp.int-x3.letsencrypt.org
CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
X509v3 Subject Alternative Name:
DNS:vpn.company.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 74:7E:DA:[...]
Timestamp : Mar 1 14:40:42.419 2019 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:[...]
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 29:3C:51:[...]
Timestamp : Mar 1 14:40:42.499 2019 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:[...]
Signature Algorithm: sha256WithRSAEncryption
8e:da:a3:[...]
ipsec.conf
config setup
charondebug="dmn 1, mgr 1, ike 1, chd 1, job 1, cfg 1, knl 1, net 1, asn 1, enc 1, lib 1, esp 1, tls 1, tnc 1, imc 1, imv 1, pts 1"
uniqueids=no
conn ikev2-vpn
auto=add
compress=no
type=tunnel
keyexchange=ikev2
ike=aes256-sha1-modp1024
esp=aes256-sha1
fragmentation=no
forceencaps=yes
dpdaction=clear
dpddelay=300s
rekey=no
left=%any
leftid=@vpn.company.com
leftauth=pubkey
leftcert=server.crt
leftsendcert=always
leftsubnet=0.0.0.0/0
leftfirewall=yes
right=%any
rightid=%any
rightauth=eap-mschapv2
rightsourceip=10.255.255.0/24
rightdns=1.1.1.1
rightsendcert=never
eap_identity=%identity
ipsec.secrets
vpn.company.com : RSA server.key
user %any% : EAP "user_password"
Strongswan server log
ipsec[11918]: Starting strongSwan 5.6.2 IPsec [starter]...
ipsec_starter[11918]: Starting strongSwan 5.6.2 IPsec [starter]...
charon[11943]: 00[DMN] Starting IKE charon daemon (strongSwan 5.6.2, Linux 4.15.0-45-generic, x86_64)
charon[11943]: 00[CFG] PKCS11 module '<name>' lacks library path
charon[11943]: 00[CFG] disabling load-tester plugin, not configured
charon[11943]: 00[LIB] plugin 'load-tester': failed to load - load_tester_plugin_create returned NULL
charon[11943]: 00[NET] could not open socket: Address family not supported by protocol
charon[11943]: 00[NET] could not open IPv6 socket, IPv6 disabled
charon[11943]: 00[KNL] received netlink error: Address family not supported by protocol (97)
charon[11943]: 00[KNL] unable to create IPv6 routing table rule
charon[11943]: 00[CFG] dnscert plugin is disabled
charon[11943]: 00[CFG] ipseckey plugin is disabled
charon[11943]: 00[CFG] attr-sql plugin: database URI not set
charon[11943]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
charon[11943]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
charon[11943]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
charon[11943]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
charon[11943]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
charon[11943]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
charon[11943]: 00[CFG] loaded RSA private key from '/etc/ipsec.d/private/server.key'
charon[11943]: 00[CFG] loaded EAP secret for USERNAME_HERE %any%
charon[11943]: 00[CFG] sql plugin: database URI not set
charon[11943]: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
charon[11943]: 00[CFG] eap-simaka-sql database URI missing
charon[11943]: 00[CFG] loaded 0 RADIUS server configurations
charon[11943]: 00[CFG] HA config misses local/remote address
charon[11943]: 00[CFG] no threshold configured for systime-fix, disabled
charon[11943]: 00[CFG] coupling file path unspecified
charon[11943]: 00[LIB] loaded plugins: charon test-vectors unbound ldap pkcs11 tpm aesni aes rc2 sha2 sha1 md4 md5 mgf1 rdrand random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey dnscert ipseckey pem openssl gcrypt af-alg fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ctr ccm gcm ntru bliss curl soup mysql sqlite attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp whitelist lookip error-notify certexpire led radattr addrblock unity counters
charon[11943]: 00[LIB] dropped capabilities, running as uid 0, gid 0
charon[11943]: 00[JOB] spawning 16 worker threads
ipsec[11918]: charon (11943) started after 40 ms
ipsec_starter[11918]: charon (11943) started after 40 ms
charon[11943]: 06[CFG] received stroke: add connection 'ikev2-vpn'
charon[11943]: 06[CFG] adding virtual IP address pool 10.255.255.0/24
charon[11943]: 06[CFG] loaded certificate "CN=vpn.company.com" from 'server.crt'
charon[11943]: 06[CFG] added configuration 'ikev2-vpn'
charon[11943]: 08[NET] received packet: from CLIENT_IP_HERE[44709] to SERVER_IP_HERE[500] (604 bytes)
charon[11943]: 08[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]
charon[11943]: 08[IKE] CLIENT_IP_HERE is initiating an IKE_SA
charon[11943]: 08[IKE] CLIENT_IP_HERE is initiating an IKE_SA
charon[11943]: 08[IKE] remote host is behind NAT
charon[11943]: 08[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]
charon[11943]: 08[NET] sending packet: from SERVER_IP_HERE[500] to CLIENT_IP_HERE[44709] (440 bytes)
charon[11943]: 09[NET] received packet: from CLIENT_IP_HERE[44710] to SERVER_IP_HERE[4500] (512 bytes)
charon[11943]: 09[ENC] unknown attribute type (25)
charon[11943]: 09[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) N(MOBIKE_SUP) IDr CPRQ(ADDR DHCP DNS MASK ADDR6 DHCP6 DNS6 (25)) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ]
charon[11943]: 09[CFG] looking for peer configs matching SERVER_IP_HERE[vpn.company.com]...CLIENT_IP_HERE[CLIENT_LOCAL_IP_HERE]
charon[11943]: 09[CFG] selected peer config 'ikev2-vpn'
charon[11943]: 09[IKE] initiating EAP_IDENTITY method (id 0x00)
charon[11943]: 09[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
charon[11943]: 09[IKE] peer supports MOBIKE
charon[11943]: 09[IKE] authentication of 'vpn.company.com' (myself) with RSA signature successful
charon[11943]: 09[IKE] sending end entity cert "CN=vpn.company.com"
charon[11943]: 09[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
charon[11943]: 09[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44710] (1744 bytes)
charon[11943]: 10[NET] received packet: from CLIENT_IP_HERE[44710] to SERVER_IP_HERE[4500] (512 bytes)
charon[11943]: 10[ENC] unknown attribute type (25)
ipsec[11918]: 00[DMN] Starting IKE charon daemon (strongSwan 5.6.2, Linux 4.15.0-45-generic, x86_64)
ipsec[11918]: 00[CFG] PKCS11 module '<name>' lacks library path
ipsec[11918]: 00[CFG] disabling load-tester plugin, not configured
ipsec[11918]: 00[LIB] plugin 'load-tester': failed to load - load_tester_plugin_create returned NULL
ipsec[11918]: 00[NET] could not open socket: Address family not supported by protocol
ipsec[11918]: 00[NET] could not open IPv6 socket, IPv6 disabled
ipsec[11918]: 00[KNL] received netlink error: Address family not supported by protocol (97)
ipsec[11918]: 00[KNL] unable to create IPv6 routing table rule
ipsec[11918]: 00[CFG] dnscert plugin is disabled
ipsec[11918]: 00[CFG] ipseckey plugin is disabled
ipsec[11918]: 00[CFG] attr-sql plugin: database URI not set
ipsec[11918]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
ipsec[11918]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
ipsec[11918]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
ipsec[11918]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
ipsec[11918]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
ipsec[11918]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
ipsec[11918]: 00[CFG] loaded RSA private key from '/etc/ipsec.d/private/server.key'
ipsec[11918]: 00[CFG] loaded EAP secret for USERNAME_HERE %any%
ipsec[11918]: 00[CFG] sql plugin: database URI not set
ipsec[11918]: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
ipsec[11918]: 00[CFG] eap-simaka-sql database URI missing
ipsec[11918]: 00[CFG] loaded 0 RADIUS server configurations
ipsec[11918]: 00[CFG] HA config misses local/remote address
ipsec[11918]: 00[CFG] no threshold configured for systime-fix, disabled
ipsec[11918]: 00[CFG] coupling file path unspecified
charon[11943]: 10[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) N(MOBIKE_SUP) IDr CPRQ(ADDR DHCP DNS MASK ADDR6 DHCP6 DNS6 (25)) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ]
ipsec[11918]: 00[LIB] loaded plugins: charon test-vectors unbound ldap pkcs11 tpm aesni aes rc2 sha2 sha1 md4 md5 mgf1 rdrand random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey dnscert ipseckey pem openssl gcrypt af-alg fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ctr ccm gcm ntru bliss curl soup mysql sqlite attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp whitelist lookip error-notify certexpire led radattr addrblock unity counters
ipsec[11918]: 00[LIB] dropped capabilities, running as uid 0, gid 0
ipsec[11918]: 00[JOB] spawning 16 worker threads
ipsec[11918]: 06[CFG] received stroke: add connection 'ikev2-vpn'
ipsec[11918]: 06[CFG] adding virtual IP address pool 10.255.255.0/24
ipsec[11918]: 06[CFG] loaded certificate "CN=vpn.company.com" from 'server.crt'
ipsec[11918]: 06[CFG] added configuration 'ikev2-vpn'
ipsec[11918]: 08[NET] received packet: from CLIENT_IP_HERE[44709] to SERVER_IP_HERE[500] (604 bytes)
ipsec[11918]: 08[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]
ipsec[11918]: 08[IKE] CLIENT_IP_HERE is initiating an IKE_SA
ipsec[11918]: 08[IKE] remote host is behind NAT
ipsec[11918]: 08[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]
ipsec[11918]: 08[NET] sending packet: from SERVER_IP_HERE[500] to CLIENT_IP_HERE[44709] (440 bytes)
ipsec[11918]: 09[NET] received packet: from CLIENT_IP_HERE[44710] to SERVER_IP_HERE[4500] (512 bytes)
ipsec[11918]: 09[ENC] unknown attribute type (25)
ipsec[11918]: 09[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) N(MOBIKE_SUP) IDr CPRQ(ADDR DHCP DNS MASK ADDR6 DHCP6 DNS6 (25)) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ]
ipsec[11918]: 09[CFG] looking for peer configs matching SERVER_IP_HERE[vpn.company.com]...CLIENT_IP_HERE[CLIENT_LOCAL_IP_HERE]
ipsec[11918]: 09[CFG] selected peer config 'ikev2-vpn'
ipsec[11918]: 09[IKE] initiating EAP_IDENTITY method (id 0x00)
charon[11943]: 10[IKE] received retransmit of request with ID 1, retransmitting response
ipsec[11918]: 09[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
ipsec[11918]: 09[IKE] peer supports MOBIKE
ipsec[11918]: 09[IKE] authentication of 'vpn.company.com' (myself) with RSA signature successful
ipsec[11918]: 09[IKE] sending end entity cert "CN=vpn.company.com"
ipsec[11918]: 09[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
ipsec[11918]: 09[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44710] (1744 bytes)
ipsec[11918]: 10[NET] received packet: from CLIENT_IP_HERE[44710] to SERVER_IP_HERE[4500] (512 bytes)
ipsec[11918]: 10[ENC] unknown attribute type (25)
charon[11943]: 10[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44710] (1744 bytes)
charon[11943]: 11[NET] received packet: from CLIENT_IP_HERE[44710] to SERVER_IP_HERE[4500] (512 bytes)
charon[11943]: 11[ENC] unknown attribute type (25)
charon[11943]: 11[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) N(MOBIKE_SUP) IDr CPRQ(ADDR DHCP DNS MASK ADDR6 DHCP6 DNS6 (25)) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ]
charon[11943]: 11[IKE] received retransmit of request with ID 1, retransmitting response
charon[11943]: 11[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44710] (1744 bytes)
charon[11943]: 12[NET] received packet: from CLIENT_IP_HERE[44710] to SERVER_IP_HERE[4500] (512 bytes)
charon[11943]: 12[ENC] unknown attribute type (25)
charon[11943]: 12[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) N(MOBIKE_SUP) IDr CPRQ(ADDR DHCP DNS MASK ADDR6 DHCP6 DNS6 (25)) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ]
charon[11943]: 12[IKE] received retransmit of request with ID 1, retransmitting response
charon[11943]: 12[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44710] (1744 bytes)
EDIT: Mac OS started working after enabling fragmentation. Unfortunately Windows 10 ends up with error. Server log while connecting from Windows 10:
charon[12236]: 06[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(MULT_AUTH) ]
charon[12236]: 06[NET] sending packet: from SERVER_IP_HERE[500] to CLIENT_IP_HERE[44742] (320 bytes)
charon[12236]: 09[NET] received packet: from CLIENT_IP_HERE[44743] to SERVER_IP_HERE[4500] (576 bytes)
charon[12236]: 09[ENC] parsed IKE_AUTH request 1 [ EF(1/2) ]
charon[12236]: 09[ENC] received fragment #1 of 2, waiting for complete IKE message
charon[12236]: 07[NET] received packet: from CLIENT_IP_HERE[44743] to SERVER_IP_HERE[4500] (368 bytes)
charon[12236]: 07[ENC] parsed IKE_AUTH request 1 [ EF(2/2) ]
charon[12236]: 07[ENC] received fragment #2 of 2, reassembling fragmented IKE message
charon[12236]: 07[ENC] parsed IKE_AUTH request 1 [ IDi CERTREQ CPRQ(ADDR DNS NBNS SRV) SA TSi TSr ]
charon[12236]: 07[IKE] received 27 cert requests for an unknown ca
charon[12236]: 07[CFG] looking for peer configs matching SERVER_IP_HERE[%any]...CLIENT_IP_HERE[CLIENT_LOCAL_IP_HERE]
charon[12236]: 07[CFG] selected peer config 'ikev2-vpn'
charon[12236]: 07[IKE] initiating EAP_IDENTITY method (id 0x00)
charon[12236]: 07[IKE] authentication of 'vpn.autouncle.com' (myself) with RSA signature successful
charon[12236]: 07[IKE] sending end entity cert "CN=vpn.autouncle.com"
charon[12236]: 07[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
charon[12236]: 07[ENC] splitting IKE message with length of 1740 bytes into 2 fragments
charon[12236]: 07[ENC] generating IKE_AUTH response 1 [ EF(1/2) ]
charon[12236]: 07[ENC] generating IKE_AUTH response 1 [ EF(2/2) ]
charon[12236]: 07[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44743] (1248 bytes)
charon[12236]: 07[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44743] (560 bytes)
