IPsec tunnel to Android device not created even though an IKE SA exists

I am trying to set up a VPN tunnel between an Android device running 4.1 and a Fedora 17 Linux machine running strongSwan 5.0. The device reports that it is connected, and strongswan statusall reports that an IKE SA exists, but no tunnel is shown. I used the iOS instructions in the wiki to generate the certificates and configure strongSwan. Since Android uses a modified version of racoon this should work, and since the connection is partially established I think I am on the right track. I do not see any errors about the tunnel failing to be created.

Here is the configuration of the strongSwan connection:

conn android2
    keyexchange=ikev1
    authby=xauthrsasig
    xauth=server
    left=96.244.142.28
    leftsubnet=0.0.0.0/0
    leftfirewall=yes
    leftcert=serverCert.pem
    right=%any
    rightsubnet=10.0.0.0/24
    rightsourceip=10.0.0.2
    rightcert=clientCert.pem
    ike=aes256-sha1-modp1024
    auto=add

Here is the output of strongswan statusall:

Status of IKE charon daemon (strongSwan 5.0.0, Linux 3.3.4-5.fc17.x86_64, x86_64):
uptime: 20 minutes, since Oct 31 10:27:31 2012
malloc: sbrk 270336, mmap 0, used 198144, free 72192
worker threads: 8 of 16 idle, 7/1/0/0 working, job queue: 0/0/0/0, scheduled: 7
loaded plugins: charon aes des sha1 sha2 md5 random nonce x509 revocation constraints  pubkey pkcs1 pkcs8 pgp dnskey pem openssl fips-prf gmp xcbc cmac hmac attr kernel-netlink resolve socket-default stroke updown xauth-generic
Virtual IP pools (size/online/offline):
  android-hybrid: 1/0/0
  android2: 1/1/0
Listening IP addresses:
  96.244.142.28
Connections:
    android-hybrid:  %any...%any  IKEv1
    android-hybrid:   local:  [C=CH, O=strongSwan, CN=vpn.strongswan.org] uses public key authentication
    android-hybrid:    cert:  "C=CH, O=strongSwan, CN=vpn.strongswan.org"
    android-hybrid:   remote: [%any] uses XAuth authentication: any
    android-hybrid:   child:  dynamic === dynamic TUNNEL
    android2:  96.244.142.28...%any  IKEv1
    android2:   local:  [C=CH, O=strongSwan, CN=vpn.strongswan.org] uses public key    authentication
    android2:    cert:  "C=CH, O=strongSwan, CN=vpn.strongswan.org"
    android2:   remote: [C=CH, O=strongSwan, CN=client] uses public key authentication
    android2:    cert:  "C=CH, O=strongSwan, CN=client"
    android2:   remote: [%any] uses XAuth authentication: any
    android2:   child:  0.0.0.0/0 === 10.0.0.0/24 TUNNEL
 Security Associations (1 up, 0 connecting):
    android2[3]: ESTABLISHED 10 seconds ago, 96.244.142.28[C=CH, O=strongSwan,    CN=vpn.strongswan.org]...208.54.35.241[C=CH, O=strongSwan, CN=client]
    android2[3]: Remote XAuth identity: android
    android2[3]: IKEv1 SPIs: 4151e371ad46b20d_i 59a56390d74792d2_r*, public key     reauthentication in 56 minutes
    android2[3]: IKE proposal: AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024

Output of ip -s xfrm policy:

src 0.0.0.0/0 dst 0.0.0.0/0 uid 0
    socket in action allow index 3819 priority 0 ptype main share any flag  (0x00000000)
    lifetime config:
      limit: soft 0(bytes), hard 0(bytes)
      limit: soft 0(packets), hard 0(packets)
      expire add: soft 0(sec), hard 0(sec)
      expire use: soft 0(sec), hard 0(sec)
    lifetime current:
      0(bytes), 0(packets)
      add 2012-10-31 13:29:08 use 2012-10-31 13:29:39
src 0.0.0.0/0 dst 0.0.0.0/0 uid 0
    socket out action allow index 3812 priority 0 ptype main share any flag  (0x00000000)
    lifetime config:
      limit: soft 0(bytes), hard 0(bytes)
      limit: soft 0(packets), hard 0(packets)
      expire add: soft 0(sec), hard 0(sec)
      expire use: soft 0(sec), hard 0(sec)
    lifetime current:
      0(bytes), 0(packets)
      add 2012-10-31 13:29:08 use 2012-10-31 13:29:22
src 0.0.0.0/0 dst 0.0.0.0/0 uid 0
    socket in action allow index 3803 priority 0 ptype main share any flag  (0x00000000)
    lifetime config:
      limit: soft 0(bytes), hard 0(bytes)
      limit: soft 0(packets), hard 0(packets)
      expire add: soft 0(sec), hard 0(sec)
      expire use: soft 0(sec), hard 0(sec)
    lifetime current:
      0(bytes), 0(packets)
      add 2012-10-31 13:29:08 use 2012-10-31 13:29:20
src 0.0.0.0/0 dst 0.0.0.0/0 uid 0
    socket out action allow index 3796 priority 0 ptype main share any flag  (0x00000000)
    lifetime config:
      limit: soft 0(bytes), hard 0(bytes)
      limit: soft 0(packets), hard 0(packets)
      expire add: soft 0(sec), hard 0(sec)
      expire use: soft 0(sec), hard 0(sec)
    lifetime current:
      0(bytes), 0(packets)
      add 2012-10-31 13:29:08 use 2012-10-31 13:29:20

So even though there is an SA between the device and strongSwan, no xfrm policies are created for the connection. Running ip -s xfrm policy on the Android device produces the following output:

src 0.0.0.0/0 dst 10.0.0.2/32 uid 0
dir in action allow index 40 priority 2147483648 share any flag  (0x00000000)
lifetime config:
  limit: soft (INF)(bytes), hard (INF)(bytes)
  limit: soft (INF)(packets), hard (INF)(packets)
  expire add: soft 0(sec), hard 0(sec)
  expire use: soft 0(sec), hard 0(sec)
lifetime current:
  0(bytes), 0(packets)
  add 2012-10-31 13:42:08 use -
tmpl src 96.244.142.28 dst 25.239.33.30
    proto esp spi 0x00000000(0) reqid 0(0x00000000) mode tunnel
    level required share any 
    enc-mask 00000000 auth-mask 00000000 comp-mask 00000000
src 10.0.0.2/32 dst 0.0.0.0/0 uid 0
dir out action allow index 33 priority 2147483648 share any flag  (0x00000000)
lifetime config:
  limit: soft (INF)(bytes), hard (INF)(bytes)
  limit: soft (INF)(packets), hard (INF)(packets)
  expire add: soft 0(sec), hard 0(sec)
  expire use: soft 0(sec), hard 0(sec)
lifetime current:
  0(bytes), 0(packets)
  add 2012-10-31 13:42:08 use -
tmpl src 25.239.33.30 dst 96.244.142.28
    proto esp spi 0x00000000(0) reqid 0(0x00000000) mode tunnel
    level required share any 
    enc-mask 00000000 auth-mask 00000000 comp-mask 00000000

Log from charon:

00[DMN] Starting IKE charon daemon (strongSwan 5.0.0, Linux 3.3.4-5.fc17.x86_64, x86_64)

00[KNL] listening on interfaces:
00[KNL]   em1
00[KNL]     96.244.142.28
00[KNL]     fe80::224:e8ff:fed2:18b2
00[CFG] loading ca certificates from '/etc/strongswan/ipsec.d/cacerts'
00[CFG]   loaded ca certificate "C=CH, O=strongSwan, CN=strongSwan CA" from '/etc/strongswan/ipsec.d/cacerts/caCert.pem'
00[CFG] loading aa certificates from '/etc/strongswan/ipsec.d/aacerts'
00[CFG] loading ocsp signer certificates from '/etc/strongswan/ipsec.d/ocspcerts'
00[CFG] loading attribute certificates from '/etc/strongswan/ipsec.d/acerts'
00[CFG] loading crls from '/etc/strongswan/ipsec.d/crls'
00[CFG] loading secrets from '/etc/strongswan/ipsec.secrets'
00[CFG]   loaded RSA private key from '/etc/strongswan/ipsec.d/private/clientKey.pem'
00[CFG]   loaded IKE secret for %any
00[CFG]   loaded EAP secret for android
00[CFG]   loaded EAP secret for android
00[DMN] loaded plugins: charon aes des sha1 sha2 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs8 pgp dnskey pem openssl fips-prf gmp xcbc cmac hmac attr kernel-netlink resolve socket-default stroke updown xauth-generic
08[NET] waiting for data on sockets
16[LIB] created thread 16 [15338]
16[JOB] started worker thread 16
11[CFG] received stroke: add connection 'android-hybrid'
11[CFG] conn android-hybrid
11[CFG]   left=%any
11[CFG]   leftsubnet=(null)
11[CFG]   leftsourceip=(null)
11[CFG]   leftauth=pubkey
11[CFG]   leftauth2=(null)
11[CFG]   leftid=(null)
11[CFG]   leftid2=(null)
11[CFG]   leftrsakey=(null)
11[CFG]   leftcert=serverCert.pem
11[CFG]   leftcert2=(null)
11[CFG]   leftca=(null)
11[CFG]   leftca2=(null)
11[CFG]   leftgroups=(null)
11[CFG]   leftupdown=ipsec _updown iptables
11[CFG]   right=%any
11[CFG]   rightsubnet=(null)
11[CFG]   rightsourceip=96.244.142.3
11[CFG]   rightauth=xauth
11[CFG]   rightauth2=(null)
11[CFG]   rightid=%any
11[CFG]   rightid2=(null)
11[CFG]   rightrsakey=(null)
11[CFG]   rightcert=(null)
11[CFG]   rightcert2=(null)
11[CFG]   rightca=(null)
11[CFG]   rightca2=(null)
11[CFG]   rightgroups=(null)
11[CFG]   rightupdown=(null)
11[CFG]   eap_identity=(null)
11[CFG]   aaa_identity=(null)
11[CFG]   xauth_identity=(null)
11[CFG]   ike=aes256-sha1-modp1024
11[CFG]   esp=aes128-sha1-modp2048,3des-sha1-modp1536
11[CFG]   dpddelay=30
11[CFG]   dpdtimeout=150
11[CFG]   dpdaction=0
11[CFG]   closeaction=0
11[CFG]   mediation=no
11[CFG]   mediated_by=(null)
11[CFG]   me_peerid=(null)
11[CFG]   keyexchange=ikev1
11[KNL] getting interface name for %any
11[KNL] %any is not a local address
11[KNL] getting interface name for %any
11[KNL] %any is not a local address
11[CFG] left nor right host is our side, assuming left=local
11[CFG]   loaded certificate "C=CH, O=strongSwan, CN=vpn.strongswan.org" from 'serverCert.pem'
11[CFG]   id '%any' not confirmed by certificate, defaulting to 'C=CH, O=strongSwan, CN=vpn.strongswan.org'
11[CFG] added configuration 'android-hybrid'
11[CFG] adding virtual IP address pool 'android-hybrid': 96.244.142.3/32
13[CFG] received stroke: add connection 'android2'
13[CFG] conn android2
13[CFG]   left=96.244.142.28
13[CFG]   leftsubnet=0.0.0.0/0
13[CFG]   leftsourceip=(null)
13[CFG]   leftauth=pubkey
13[CFG]   leftauth2=(null)
13[CFG]   leftid=(null)
13[CFG]   leftid2=(null)
13[CFG]   leftrsakey=(null)
13[CFG]   leftcert=serverCert.pem
13[CFG]   leftcert2=(null)
13[CFG]   leftca=(null)
13[CFG]   leftca2=(null)
13[CFG]   leftgroups=(null)
13[CFG]   leftupdown=ipsec _updown iptables
13[CFG]   right=%any
13[CFG]   rightsubnet=10.0.0.0/24
13[CFG]   rightsourceip=10.0.0.2
13[CFG]   rightauth=pubkey
13[CFG]   rightauth2=xauth
13[CFG]   rightid=(null)
13[CFG]   rightid2=(null)
13[CFG]   rightrsakey=(null)
13[CFG]   rightcert=clientCert.pem
13[CFG]   rightcert2=(null)
13[CFG]   rightca=(null)
13[CFG]   rightca2=(null)
13[CFG]   rightgroups=(null)
13[CFG]   rightupdown=(null)
13[CFG]   eap_identity=(null)
13[CFG]   aaa_identity=(null)
13[CFG]   xauth_identity=(null)
13[CFG]   ike=aes256-sha1-modp1024
13[CFG]   esp=aes128-sha1-modp2048,3des-sha1-modp1536
13[CFG]   dpddelay=30
13[CFG]   dpdtimeout=150
13[CFG]   dpdaction=0
13[CFG]   closeaction=0
13[CFG]   mediation=no
13[CFG]   mediated_by=(null)
13[CFG]   me_peerid=(null)
13[CFG]   keyexchange=ikev0
13[KNL] getting interface name for %any
13[KNL] %any is not a local address
13[KNL] getting interface name for 96.244.142.28
13[KNL] 96.244.142.28 is on interface em1
13[CFG]   loaded certificate "C=CH, O=strongSwan, CN=vpn.strongswan.org" from 'serverCert.pem'
13[CFG]   id '96.244.142.28' not confirmed by certificate, defaulting to 'C=CH, O=strongSwan, CN=vpn.strongswan.org'
13[CFG]   loaded certificate "C=CH, O=strongSwan, CN=client" from 'clientCert.pem'
13[CFG]   id '%any' not confirmed by certificate, defaulting to 'C=CH, O=strongSwan, CN=client'
13[CFG] added configuration 'android2'
13[CFG] adding virtual IP address pool 'android2': 10.0.0.2/32
08[NET] received packet: from 208.54.35.241[32235] to 96.244.142.28[500]
15[CFG] looking for an ike config for 96.244.142.28...208.54.35.241
15[CFG]   candidate: %any...%any, prio 2
15[CFG]   candidate: 96.244.142.28...%any, prio 5
15[CFG] found matching ike config: 96.244.142.28...%any with prio 5
01[JOB] next event in 29s 999ms, waiting
15[IKE] received NAT-T (RFC 3947) vendor ID
15[IKE] received draft-ietf-ipsec-nat-t-ike-02 vendor ID
15[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
15[IKE] received draft-ietf-ipsec-nat-t-ike-00 vendor ID
15[IKE] received XAuth vendor ID
15[IKE] received Cisco Unity vendor ID
15[IKE] received DPD vendor ID
15[IKE] 208.54.35.241 is initiating a Main Mode IKE_SA
15[IKE] IKE_SA (unnamed)[1] state change: CREATED => CONNECTING
15[CFG] selecting proposal:
15[CFG]   proposal matches
15[CFG] received proposals: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_256/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_128/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024, IKE:DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024
15[CFG] configured proposals: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/HMAC_MD5_96/HMAC_SHA1_96/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/AES_XCBC_96/AES_CMAC_96/PRF_HMAC_MD5/PRF_HMAC_SHA1/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160
15[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
15[NET] sending packet: from 96.244.142.28[500] to 208.54.35.241[32235]
04[NET] sending packet: from 96.244.142.28[500] to 208.54.35.241[32235]
15[MGR] checkin IKE_SA (unnamed)[1]
15[MGR] check-in of IKE_SA successful.
08[NET] received packet: from 208.54.35.241[32235] to 96.244.142.28[500]
08[NET] waiting for data on sockets
07[MGR] checkout IKE_SA by message
07[MGR] IKE_SA (unnamed)[1] successfully checked out
07[NET] received packet: from 208.54.35.241[32235] to 96.244.142.28[500]
07[LIB] size of DH secret exponent: 1023 bits
07[IKE] remote host is behind NAT
07[IKE] sending cert request for "C=CH, O=strongSwan, CN=strongSwan CA"
07[ENC] generating NAT_D_V1 payload finished
07[NET] sending packet: from 96.244.142.28[500] to 208.54.35.241[32235]
07[MGR] checkin IKE_SA (unnamed)[1]
07[MGR] check-in of IKE_SA successful.
04[NET] sending packet: from 96.244.142.28[500] to 208.54.35.241[32235]
08[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500]
10[IKE] ignoring certificate request without data
10[IKE] received end entity cert "C=CH, O=strongSwan, CN=client"
10[CFG] looking for XAuthInitRSA peer configs matching 96.244.142.28...208.54.35.241[C=CH, O=strongSwan, CN=client]
10[CFG]   candidate "android-hybrid", match: 1/1/2/2 (me/other/ike/version)
10[CFG]   candidate "android2", match: 1/20/5/1 (me/other/ike/version)
10[CFG] selected peer config "android2"
10[CFG]   certificate "C=CH, O=strongSwan, CN=client" key: 2048 bit RSA
10[CFG]   using trusted ca certificate "C=CH, O=strongSwan, CN=strongSwan CA"
10[CFG] checking certificate status of "C=CH, O=strongSwan, CN=client"
10[CFG] ocsp check skipped, no ocsp found
10[CFG] certificate status is not available
10[CFG]   certificate "C=CH, O=strongSwan, CN=strongSwan CA" key: 2048 bit RSA
10[CFG]   reached self-signed root ca with a path length of 0
10[CFG]   using trusted certificate "C=CH, O=strongSwan, CN=client"
10[IKE] authentication of 'C=CH, O=strongSwan, CN=client' with RSA successful
10[ENC] added payload of type ID_V1 to message
10[ENC] added payload of type SIGNATURE_V1 to message
10[IKE] authentication of 'C=CH, O=strongSwan, CN=vpn.strongswan.org' (myself) successful
10[IKE] queueing XAUTH task
10[IKE] sending end entity cert "C=CH, O=strongSwan, CN=vpn.strongswan.org"
10[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595]
04[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595]
10[IKE] activating new tasks
10[IKE]   activating XAUTH task
10[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595]
04[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595]
01[JOB] next event in 3s 999ms, waiting
10[MGR] checkin IKE_SA android2[1]
10[MGR] check-in of IKE_SA successful.
08[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500]
08[NET] waiting for data on sockets
12[MGR] checkout IKE_SA by message
12[MGR] IKE_SA android2[1] successfully checked out
12[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500]
12[MGR] checkin IKE_SA android2[1]
12[MGR] check-in of IKE_SA successful.
08[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500]
16[MGR] checkout IKE_SA by message
16[MGR] IKE_SA android2[1] successfully checked out
16[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500]
08[NET] waiting for data on sockets                           
16[IKE] XAuth authentication of 'android' successful
16[IKE] reinitiating already active tasks
16[IKE]   XAUTH task
16[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595]
04[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595]
16[MGR] checkin IKE_SA android2[1]
01[JOB] next event in 3s 907ms, waiting
16[MGR] check-in of IKE_SA successful.
08[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500]
09[MGR] checkout IKE_SA by message
09[MGR] IKE_SA android2[1] successfully checked out
09[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500]
09[IKE] IKE_SA android2[1] established between 96.244.142.28[C=CH, O=strongSwan, CN=vpn.strongswan.org]...208.54.35.241[C=CH, O=strongSwan, CN=client]
09[IKE] IKE_SA android2[1] state change: CONNECTING => ESTABLISHED
09[IKE] scheduling reauthentication in 3409s
09[IKE] maximum IKE_SA lifetime 3589s
09[IKE] activating new tasks
09[IKE] nothing to initiate
09[MGR] checkin IKE_SA android2[1]
09[MGR] check-in of IKE_SA successful.
09[MGR] checkout IKE_SA
09[MGR] IKE_SA android2[1] successfully checked out
09[MGR] checkin IKE_SA android2[1]
09[MGR] check-in of IKE_SA successful.
01[JOB] next event in 3s 854ms, waiting
08[NET] waiting for data on sockets
08[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500]
14[MGR] checkout IKE_SA by message
14[MGR] IKE_SA android2[1] successfully checked out
14[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500]
14[IKE] processing INTERNAL_IP4_ADDRESS attribute
14[IKE] processing INTERNAL_IP4_NETMASK attribute
14[IKE] processing INTERNAL_IP4_DNS attribute
14[IKE] processing INTERNAL_IP4_NBNS attribute
14[IKE] processing UNITY_BANNER attribute
14[IKE] processing UNITY_DEF_DOMAIN attribute
14[IKE] processing UNITY_SPLITDNS_NAME attribute
14[IKE] processing UNITY_SPLIT_INCLUDE attribute
14[IKE] processing UNITY_LOCAL_LAN attribute
14[IKE] processing APPLICATION_VERSION attribute
14[IKE] peer requested virtual IP %any
14[CFG] assigning new lease to 'android'
14[IKE] assigning virtual IP 10.0.0.2 to peer 'android'
14[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595]
14[MGR] checkin IKE_SA android2[1]
14[MGR] check-in of IKE_SA successful.
04[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595]
08[NET] waiting for data on sockets
01[JOB] got event, queuing job for execution
01[JOB] next event in 91ms, waiting
13[MGR] checkout IKE_SA
13[MGR] IKE_SA android2[1] successfully checked out
13[MGR] checkin IKE_SA android2[1]
13[MGR] check-in of IKE_SA successful.
01[JOB] got event, queuing job for execution
01[JOB] next event in 24s 136ms, waiting
15[MGR] checkout IKE_SA
15[MGR] IKE_SA android2[1] successfully checked out
15[MGR] checkin IKE_SA android2[1]
15[MGR] check-in of IKE_SA successful.

Android device:

tcpdump: listening on wlan0, link-type EN10MB (Ethernet), capture size 96 bytes
09:58:28.990424 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 504) 10.1.12.140.500 > 96.244.142.28.500: isakmp 1.0 msgid : phase 1 I ident: [|sa]
09:58:29.037879 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 164) 96.244.142.28.500 > 10.1.12.140.500: isakmp 1.0 msgid : phase 1 R ident: [|sa]
09:58:29.058692 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 256) 10.1.12.140.500 > 96.244.142.28.500: isakmp 1.0 msgid : phase 1 I ident: [|ke]
09:58:29.111273 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 337) 96.244.142.28.500 > 10.1.12.140.500: isakmp 1.0 msgid : phase 1 R ident: [|ke]
09:58:29.174781 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 1212) 10.1.12.140.4500 > 96.244.142.28.4500: NONESP-encap: isakmp 1.0 msgid : phase 1 I ident[E]: [encrypted id]
09:58:29.204199 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 1276) 96.244.142.28.4500 > 10.1.12.140.4500: NONESP-encap: isakmp 1.0 msgid : phase 1 R ident[E]: [encrypted id]
09:58:29.204352 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 108) 96.244.142.28.4500 > 10.1.12.140.4500: NONESP-encap: isakmp 1.0 msgid : phase 2/others R #6[E]: [encrypted hash]
09:58:29.207953 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 140) 10.1.12.140.4500 > 96.244.142.28.4500: NONESP-encap: isakmp 1.0 msgid : phase 2/others I inf[E]: [encrypted hash]
09:58:29.208869 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 140) 10.1.12.140.4500 > 96.244.142.28.4500: NONESP-encap: isakmp 1.0 msgid : phase 2/others I #6[E]: [encrypted hash]
09:58:29.283637 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 124) 96.244.142.28.4500 > 10.1.12.140.4500: NONESP-encap: isakmp 1.0 msgid : phase 2/others ? inf[E]: [encrypted hash]
09:58:29.283881 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 108) 96.244.142.28.4500 > 10.1.12.140.4500: NONESP-encap: isakmp 1.0 msgid : phase 2/others R #6[E]: [encrypted hash]
09:58:29.285498 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 124) 10.1.12.140.4500 > 96.244.142.28.4500: NONESP-encap: isakmp 1.0 msgid : phase 2/others I #6[E]: [encrypted hash]
09:58:29.286658 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 156) 10.1.12.140.4500 > 96.244.142.28.4500: NONESP-encap: isakmp 1.0 msgid : phase 2/others I #6[E]: [encrypted hash]
09:58:29.323554 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 108) 96.244.142.28.4500 > 10.1.12.140.4500: NONESP-encap: isakmp 1.0 msgid : phase 2/others R #6[E]: [encrypted hash]
09:58:48.447272 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 29) 10.1.12.140.4500 > 96.244.142.28.4500: isakmp-nat-keep-alive

strongSwan machine:

tcpdump: listening on em1, link-type EN10MB (Ethernet), capture size 65535 bytes
09:58:29.005470 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 504)
    96.244.142.3.isakmp > 96.244.142.28.isakmp: isakmp 1.0 msgid 00000000: phase 1 I ident:
    (sa: doi=ipsec situation=identity
        (p: #1 protoid=isakmp transform=8
            (t: #1 id=ike (type=lifetype value=sec)(type=lifeduration value=7080)(type=enc value=aes)(type=keylen value=0100)(type=auth value=fded)(type=hash value=sha1)(type=group desc value=modp1024))
            (t: #2 id=ike (type=lifetype value=sec)(type=lifeduration value=7080)(type=enc value=aes)(type=keylen value=0100)(type=auth value=fded)(type=hash value=md5)(type=group desc value=modp1024))
            (t: #3 id=ike (type=lifetype value=sec)(type=lifeduration value=7080)(type=enc value=aes)(type=keylen value=0080)(type=auth value=fded)(type=hash value=sha1)(type=group desc value=modp1024))
            (t: #4 id=ike (type=lifetype value=sec)(type=lifeduration value=7080)(type=enc value=aes)(type=keylen value=0080)(type=auth value=fded)(type=hash value=md5)(type=group desc value=modp1024))
            (t: #5 id=ike (type=lifetype value=sec)(type=lifeduration value=7080)(type=enc value=3des)(type=auth value=fded)(type=hash value=sha1)(type=group desc value=modp1024))
            (t: #6 id=ike (type=lifetype value=sec)(type=lifeduration value=7080)(type=enc value=3des)(type=auth value=fded)(type=hash value=md5)(type=group desc value=modp1024))
            (t: #7 id=ike (type=lifetype value=sec)(type=lifeduration value=7080)(type=enc value=1des)(type=auth value=fded)(type=hash value=sha1)(type=group desc value=modp1024))
            (t: #8 id=ike (type=lifetype value=sec)(type=lifeduration value=7080)(type=enc value=1des)(type=auth value=fded)(type=hash value=md5)(type=group desc value=modp1024))))
    (vid: len=16)
    (vid: len=16)
    (vid: len=16)
    (vid: len=16)
    (vid: len=8)
    (vid: len=16)
    (vid: len=20)
    (vid: len=16)
09:58:29.021590 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 164)
    96.244.142.28.isakmp > 96.244.142.3.isakmp: isakmp 1.0 msgid 00000000: phase 1 R ident:
    (sa: doi=ipsec situation=identity
        (p: #1 protoid=isakmp transform=1
            (t: #1 id=ike (type=enc value=aes)(type=keylen value=0100)(type=hash value=sha1)(type=group desc value=modp1024)(type=auth value=fded)(type=lifetype value=sec)(type=lifeduration value=7080))))
    (vid: len=8)
    (vid: len=16)
    (vid: len=16)
09:58:29.065654 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 256)
    96.244.142.3.isakmp > 96.244.142.28.isakmp: isakmp 1.0 msgid 00000000: phase 1 I ident:
    (ke: key len=128)
    (nonce: n len=16)
    (pay20)
    (pay20)
09:58:29.073252 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 337)
    96.244.142.28.isakmp > 96.244.142.3.isakmp: isakmp 1.0 msgid 00000000: phase 1 R ident:
    (ke: key len=128)
    (nonce: n len=32)
    (cr: len=61 type=x509sign)
    (pay20)
    (pay20)
09:58:29.172970 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 1212)
    96.244.142.3.44673 > 96.244.142.28.ipsec-nat-t: NONESP-encap: isakmp 1.0 msgid 00000000: phase 1 I ident[E]: [encrypted id]
09:58:29.182596 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 1276)
    96.244.142.28.ipsec-nat-t > 96.244.142.3.44673: NONESP-encap: isakmp 1.0 msgid 00000000: phase 1 R ident[E]: [encrypted id]
09:58:29.183033 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 108)
    96.244.142.28.ipsec-nat-t > 96.244.142.3.44673: NONESP-encap: isakmp 1.0 msgid 25eb381b: phase 2/others R #6[E]: [encrypted hash]
09:58:29.250287 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 140)
    96.244.142.3.44673 > 96.244.142.28.ipsec-nat-t: NONESP-encap: isakmp 1.0 msgid bbbe7b6d: phase 2/others I inf[E]: [encrypted hash]
09:58:29.250325 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 140)
    96.244.142.3.44673 > 96.244.142.28.ipsec-nat-t: NONESP-encap: isakmp 1.0 msgid 25eb381b: phase 2/others I #6[E]: [encrypted hash]
09:58:29.256037 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 124)
    96.244.142.28.ipsec-nat-t > 96.244.142.3.44673: NONESP-encap: isakmp 1.0 msgid beb336b4: phase 2/others ? inf[E]: [encrypted hash]
09:58:29.257801 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 108)
    96.244.142.28.ipsec-nat-t > 96.244.142.3.44673: NONESP-encap: isakmp 1.0 msgid 15d8cae0: phase 2/others R #6[E]: [encrypted hash]
09:58:29.300333 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 124)
    96.244.142.3.44673 > 96.244.142.28.ipsec-nat-t: NONESP-encap: isakmp 1.0 msgid 15d8cae0: phase 2/others I #6[E]: [encrypted hash]
09:58:29.300362 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 156)
    96.244.142.3.44673 > 96.244.142.28.ipsec-nat-t: NONESP-encap: isakmp 1.0 msgid b96496f8: phase 2/others I #6[E]: [encrypted hash]
09:58:29.307755 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 108)
    96.244.142.28.ipsec-nat-t > 96.244.142.3.44673: NONESP-encap: isakmp 1.0 msgid b96496f8: phase 2/others R #6[E]: [encrypted hash]
09:58:48.449886 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 29)
    96.244.142.3.44673 > 96.244.142.28.ipsec-nat-t: isakmp-nat-keep-alive
09:59:08.488463 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 29)

Answer 1

The SA you see in the output of strongswan statusall is an IKE_SA (or rather an ISAKMP SA, since this is IKEv1), not an IPsec SA. So there must be some problem after Main Mode completes.

ModeConfig (the assignment of the virtual IP and other attributes) seems to work fine, which is also reflected in the IPsec policies installed on the Android device. What is missing, though, is the Quick Mode request (i.e. the point at which the IPsec SAs are negotiated):

14[IKE] assigning virtual IP 10.0.0.2 to peer 'android'
14[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595]

This is the ModeConfig response sent to the Android device, but charon does not receive any message after it.

I can now reproduce this. The behavior is intentional. When ModeConfig completes and the ISAKMP SA is established, the following is logged in logcat:

I/racoon  (11096): ISAKMP-SA established [...]
D/VpnJni  (  310): Route added on tun0: 0.0.0.0/0
I/LegacyVpnRunner(  310): Connected!

Also, the virtual IP received during ModeConfig (10.0.0.2 in your case) is added to tun0 in the kernel, and IPsec policies 10.0.0.2 <=> 0.0.0.0/0 are installed (this can also be seen in the ip xfrm policy output you posted).

Now, an IPsec SA is only established once traffic matches the outbound policy. Because 0.0.0.0/0 is used as the remote traffic selector (and also for the route via tun0), any packet will match the policy and thus trigger the Quick Mode negotiation.

In my case, as soon as I opened the browser the following was logged:

I/racoon  (15504): initiate new phase 2 negotiation: [...]
I/racoon  (15504): NAT detected -> UDP encapsulation (ENC_MODE 1->3).
W/racoon  (15504): attribute has been modified.
I/racoon  (15504): Adjusting my encmode UDP-Tunnel->Tunnel
I/racoon  (15504): Adjusting peer's encmode UDP-Tunnel(3)->Tunnel(1)
W/racoon  (15504): low key length proposed, mine:256 peer:128.
W/racoon  (15504): authtype mismatched: my:hmac-md5 peer:hmac-sha
I/racoon  (15504): IPsec-SA established: ESP/Tunnel [...]

This also resulted in the expected output on the strongSwan gateway:

android2{1}:  INSTALLED, TUNNEL, ESP in UDP SPIs: cd7ceff0_i 0e7ab2fc_o
android2{1}:  AES_CBC_128/HMAC_SHA1_96, 60 bytes_i, 0 bytes_o, rekeying in 41 minutes
android2{1}:   0.0.0.0/0 === 10.0.0.2/32
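The diagnosis in this answer (an ISAKMP SA without an IPsec SA, and xfrm tunnel policies that no traffic has matched yet) can be checked mechanically from the two outputs quoted in the question. The following Python script is an added example, not code from the question, the answer or the strongSwan project: it parses the strongswan statusall and ip -s xfrm policy formats as they appear on this page (strongSwan 5.0 and the iproute2 of that era are assumed) and reports what is and is not in place; the sample inputs are constructed from the outputs above.

```python
import re
from dataclasses import dataclass, field


@dataclass
class XfrmPolicy:
    src: str
    dst: str
    direction: str = ""    # "in"/"out"/"fwd", or "socket in"/"socket out"
    used: bool = False     # kernel has matched traffic to it ("use <timestamp>")
    templates: list = field(default_factory=list)  # (proto, mode, tmpl_src, tmpl_dst)

    @property
    def is_tunnel_policy(self) -> bool:
        # "socket in/out" entries are charon's bypass policies for its own IKE
        # sockets; only "dir" policies with an ESP/AH template protect traffic.
        return not self.direction.startswith("socket") and bool(self.templates)


def parse_xfrm_policies(text: str) -> list:
    """Parse `ip -s xfrm policy` output in the layout shown on this page."""
    policies, cur, tmpl = [], None, None
    for raw in text.splitlines():
        s = raw.strip()
        if s.startswith("src "):
            m = re.match(r"src (\S+) dst (\S+)", s)
            cur = XfrmPolicy(src=m.group(1), dst=m.group(2))
            policies.append(cur)
        elif cur is None:
            continue
        elif m := re.match(r"(dir|socket) (in|out|fwd)\b", s):
            cur.direction = ("socket " if m.group(1) == "socket" else "") + m.group(2)
        elif m := re.match(r"add \S+ \S+ use (.+)$", s):
            cur.used = m.group(1).strip() != "-"   # "use -" means never matched
        elif m := re.match(r"tmpl src (\S+) dst (\S+)", s):
            tmpl = (m.group(1), m.group(2))
        elif tmpl and (m := re.match(r"proto (\S+) .*mode (\S+)", s)):
            cur.templates.append((m.group(1), m.group(2)) + tmpl)
            tmpl = None
    return policies


def parse_statusall(text: str) -> tuple:
    # (ESTABLISHED IKE_SAs, INSTALLED CHILD_SAs) from `strongswan statusall`
    return (re.findall(r"(\S+\[\d+\]): ESTABLISHED", text),
            re.findall(r"(\S+\{\d+\}):\s+INSTALLED", text))


def diagnose(statusall: str, xfrm_policy: str) -> dict:
    """Explain why a host shows an IKE_SA but no IPsec SA (statusall may be empty)."""
    ike, child = parse_statusall(statusall)
    tunnel = [p for p in parse_xfrm_policies(xfrm_policy) if p.is_tunnel_policy]
    findings = []
    if ike and not child:
        findings.append("ISAKMP SA established but no IPsec SA installed: Quick Mode has not run")
    if not tunnel:
        findings.append("no xfrm tunnel policies present, only charon's per-socket bypass entries")
    for p in tunnel:
        if p.direction == "out" and not p.used:
            findings.append(f"outbound policy {p.src} -> {p.dst} has never matched traffic, "
                            "so nothing has triggered Quick Mode yet")
    return {"ike_sas": ike, "child_sas": child,
            "tunnel_policies": len(tunnel), "findings": findings}


# Constructed samples, trimmed from the outputs quoted in the question and answer.
GATEWAY_STATUS = """\
Security Associations (1 up, 0 connecting):
    android2[3]: ESTABLISHED 10 seconds ago, 96.244.142.28[...]...208.54.35.241[...]
"""
GATEWAY_STATUS_AFTER = GATEWAY_STATUS + """\
    android2{1}:  INSTALLED, TUNNEL, ESP in UDP SPIs: cd7ceff0_i 0e7ab2fc_o
"""
GATEWAY_XFRM = """\
src 0.0.0.0/0 dst 0.0.0.0/0 uid 0
    socket in action allow index 3819 priority 0 ptype main share any flag  (0x00000000)
      add 2012-10-31 13:29:08 use 2012-10-31 13:29:39
"""
ANDROID_XFRM = """\
src 0.0.0.0/0 dst 10.0.0.2/32 uid 0
dir in action allow index 40 priority 2147483648 share any flag  (0x00000000)
  add 2012-10-31 13:42:08 use -
tmpl src 96.244.142.28 dst 25.239.33.30
    proto esp spi 0x00000000(0) reqid 0(0x00000000) mode tunnel
src 10.0.0.2/32 dst 0.0.0.0/0 uid 0
dir out action allow index 33 priority 2147483648 share any flag  (0x00000000)
  add 2012-10-31 13:42:08 use -
tmpl src 25.239.33.30 dst 96.244.142.28
    proto esp spi 0x00000000(0) reqid 0(0x00000000) mode tunnel
"""
```

Run diagnose(GATEWAY_STATUS, GATEWAY_XFRM) for the gateway and diagnose("", ANDROID_XFRM) for the client; the "use -" on the Android out policy is the tell-tale that no packet has yet hit the policy.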
