情况如下:
- GW 在 CentOS7 上安装了 Strongswan 5.7.2,并加载了以下插件:
charon pkcs11 tpm aesni aes des rc2 sha2 sha1 md4 md5 mgf1 随机 nonce x509 撤销约束 acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl gcrypt fips-prf gmp curve25519 chapoly xcbc cmac hmac ctr ccm gcm curl attr kernel-netlink 解析套接字默认 farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp eap-aka-3gpp2 eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp led duplicheck unity 计数器
同一 CA 机构签署了所有证书(针对 GW 和客户端身份)
在 Windows 10 上,客户端处于移动模式
ipsec.conf:
# VPN connections
conn %default
mobike=yes
esp=aes256gcm128-sha512-modp4096,aes256-sha1-modp1024!
ike=aes256gcm128-sha512-modp4096,aes256-sha384-modp1024!
eap_identity=%any
keyexchange=ikev2
forceencaps=yes
auto=add
conn IKEv2-eap
leftauth=pubkey
leftfirewall=yes
leftcert=gwCert.pem
leftsubnet=0.0.0.0/0
right=%any
rightsourceip=10.3.0.0/24
rightsendcert=never
rightdns=134.158.128.2,134.158.128.6
rightauth=eap-tls
eap_identity=%identity
- ipsec.secrets:
# ipsec.secrets - strongSwan IPsec secrets file
: RSA gwKey.pem
- GW 证书:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62767 (0xf52f)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=FR, O=Organization, CN=IntermediateAuthority
Validity
Not Before: May 20 13:26:11 2019 GMT
Not After : May 19 13:26:11 2021 GMT
Subject: C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
...
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
Netscape Cert Type:
SSL Client, SSL Server
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Netscape Comment:
Certificat serveur IntermediateAuthority
X509v3 Subject Key Identifier:
...
X509v3 Authority Key Identifier:
keyid:...
DirName:/C=FR/O=Organization/CN=RootAuthority
serial:03
X509v3 Subject Alternative Name:
email:[email protected]
X509v3 CRL Distribution Points:
Full Name:
URI:http://crls.domain.tld/IntermediateAuthority/getder.crl
Signature Algorithm: sha1WithRSAEncryption
...
- 客户端证书:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62711 (0xf4f7)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=FR, O=Organization, CN=IntermediateAuthority
Validity
Not Before: May 15 08:58:59 2019 GMT
Not After : May 14 08:58:59 2021 GMT
Subject: C=FR, O=Organization, OU=OUnit, CN=My Name/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
...
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
Netscape Cert Type:
SSL Client, S/MIME, Object Signing
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
Netscape Comment:
Certificat IntermediateAuthority.
X509v3 Subject Key Identifier:
...
X509v3 Authority Key Identifier:
keyid:...
DirName:/C=FR/O=Organization/CN=RootAuthority
serial:03
X509v3 Subject Alternative Name:
email:[email protected]
X509v3 CRL Distribution Points:
Full Name:
URI:http://crls.domain.tld/IntermediateAuthority/getder.crl
Signature Algorithm: sha1WithRSAEncryption
...
- charon.log:
May 21 10:27:04 00[DMN] Starting IKE charon daemon (strongSwan 5.7.2, Linux 3.10.0-957.12.2.el7.x86_64, x86_64)
May 21 10:27:04 00[CFG] PKCS11 module '<name>' lacks library path
May 21 10:27:04 00[LIB] openssl FIPS mode(2) - enabled
May 21 10:27:04 00[CFG] loading ca certificates from '/etc/strongswan/ipsec.d/cacerts'
May 21 10:27:04 00[CFG] loaded ca certificate "C=FR, O=Organization, CN=IntermediateAuthority" from '/etc/strongswan/ipsec.d/cacerts/ca-std.pem'
May 21 10:27:04 00[CFG] loaded ca certificate "C=FR, O=Organization, CN=RootAuthority" from '/etc/strongswan/ipsec.d/cacerts/ca.pem'
May 21 10:27:04 00[CFG] loading aa certificates from '/etc/strongswan/ipsec.d/aacerts'
May 21 10:27:04 00[CFG] loading ocsp signer certificates from '/etc/strongswan/ipsec.d/ocspcerts'
May 21 10:27:04 00[CFG] loading attribute certificates from '/etc/strongswan/ipsec.d/acerts'
May 21 10:27:04 00[CFG] loading crls from '/etc/strongswan/ipsec.d/crls'
May 21 10:27:04 00[CFG] loading secrets from '/etc/strongswan/ipsec.secrets'
May 21 10:27:04 00[CFG] loaded RSA private key from '/etc/strongswan/ipsec.d/private/gwKey.pem'
May 21 10:27:04 00[CFG] loaded EAP secret for user
May 21 10:27:04 00[CFG] loaded EAP secret for My Name
May 21 10:27:04 00[CFG] opening triplet file /etc/strongswan/ipsec.d/triplets.dat failed: No such file or directory
May 21 10:27:04 00[CFG] loaded 0 RADIUS server configurations
May 21 10:27:04 00[CFG] HA config misses local/remote address
May 21 10:27:04 00[CFG] no script for ext-auth script defined, disabled
May 21 10:27:04 00[LIB] loaded plugins: charon pkcs11 tpm aesni aes des rc2 sha2 sha1 md4 md5 mgf1 random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl gcrypt fips-prf gmp curve25519 chapoly xcbc cmac hmac ctr ccm gcm curl attr kernel-netlink resolve socket-default farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp eap-aka-3gpp2 eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp led duplicheck unity counters
May 21 10:27:04 00[JOB] spawning 16 worker threads
May 21 10:27:04 05[CFG] received stroke: add connection 'IKEv2-eap'
May 21 10:27:04 05[CFG] adding virtual IP address pool 10.3.0.0/24
May 21 10:27:04 05[CFG] loaded certificate "C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, [email protected]" from 'gwCert.pem'
May 21 10:27:04 05[CFG] id '%any' not confirmed by certificate, defaulting to 'C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, [email protected]'
May 21 10:27:04 05[CFG] added configuration 'IKEv2-eap'
May 21 10:27:11 12[NET] <1> received packet: from 172.10.128.210[500] to 172.10.130.248[500] (624 bytes)
May 21 10:27:11 12[ENC] <1> parsed IKE_SA_INIT request 0 [ SA KE No N(FRAG_SUP) N(NATD_S_IP) N(NATD_D_IP) V V V V ]
May 21 10:27:11 12[IKE] <1> received MS NT5 ISAKMPOAKLEY v9 vendor ID
May 21 10:27:11 12[IKE] <1> received MS-Negotiation Discovery Capable vendor ID
May 21 10:27:11 12[IKE] <1> received Vid-Initial-Contact vendor ID
May 21 10:27:11 12[ENC] <1> received unknown vendor ID: 01:52:8b:bb:c0:06:96:12:18:49:ab:9a:1c:5b:2a:51:00:00:00:02
May 21 10:27:11 12[IKE] <1> 172.10.128.210 is initiating an IKE_SA
May 21 10:27:11 12[CFG] <1> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024
May 21 10:27:11 12[IKE] <1> faking NAT situation to enforce UDP encapsulation
May 21 10:27:11 12[ENC] <1> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(MULT_AUTH) ]
May 21 10:27:11 12[NET] <1> sending packet: from 172.10.130.248[500] to 172.10.128.210[500] (320 bytes)
May 21 10:27:11 15[NET] <1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes)
May 21 10:27:11 15[ENC] <1> parsed IKE_AUTH request 1 [ EF(1/3) ]
May 21 10:27:11 15[ENC] <1> received fragment #1 of 3, waiting for complete IKE message
May 21 10:27:11 15[NET] <1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes)
May 21 10:27:11 15[ENC] <1> parsed IKE_AUTH request 1 [ EF(2/3) ]
May 21 10:27:11 15[ENC] <1> received fragment #2 of 3, waiting for complete IKE message
May 21 10:27:11 16[NET] <1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (332 bytes)
May 21 10:27:11 16[ENC] <1> parsed IKE_AUTH request 1 [ EF(3/3) ]
May 21 10:27:11 16[ENC] <1> received fragment #3 of 3, reassembled fragmented IKE message (1320 bytes)
May 21 10:27:11 16[ENC] <1> parsed IKE_AUTH request 1 [ IDi CERTREQ N(MOBIKE_SUP) CPRQ(ADDR DNS NBNS SRV) SA TSi TSr ]
May 21 10:27:11 16[IKE] <1> received cert request for "C=FR, O=Organization, CN=IntermediateAuthority"
May 21 10:27:11 16[IKE] <1> received cert request for "C=FR, O=Organization, CN=RootAuthority"
May 21 10:27:11 16[IKE] <1> received 47 cert requests for an unknown ca
May 21 10:27:11 16[CFG] <1> looking for peer configs matching 172.10.130.248[%any]...172.10.128.210[172.10.128.210]
May 21 10:27:11 16[CFG] <IKEv2-eap|1> selected peer config 'IKEv2-eap'
May 21 10:27:11 16[IKE] <IKEv2-eap|1> initiating EAP_IDENTITY method (id 0x00)
May 21 10:27:11 16[IKE] <IKEv2-eap|1> peer supports MOBIKE
May 21 10:27:11 16[IKE] <IKEv2-eap|1> authentication of 'C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, [email protected]' (myself) with RSA signature successful
May 21 10:27:11 16[IKE] <IKEv2-eap|1> sending end entity cert "C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, [email protected]"
May 21 10:27:11 16[ENC] <IKEv2-eap|1> generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
May 21 10:27:11 16[ENC] <IKEv2-eap|1> splitting IKE message (1656 bytes) into 2 fragments
May 21 10:27:11 16[ENC] <IKEv2-eap|1> generating IKE_AUTH response 1 [ EF(1/2) ]
May 21 10:27:11 16[ENC] <IKEv2-eap|1> generating IKE_AUTH response 1 [ EF(2/2) ]
May 21 10:27:11 16[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (1244 bytes)
May 21 10:27:11 16[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (492 bytes)
May 21 10:27:11 15[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (104 bytes)
May 21 10:27:11 15[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 2 [ EAP/RES/ID ]
May 21 10:27:11 15[IKE] <IKEv2-eap|1> received EAP identity 'My Name'
May 21 10:27:11 15[IKE] <IKEv2-eap|1> initiating EAP_TLS method (id 0xC9)
May 21 10:27:11 15[ENC] <IKEv2-eap|1> generating IKE_AUTH response 2 [ EAP/REQ/TLS ]
May 21 10:27:11 15[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (88 bytes)
May 21 10:27:11 07[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (248 bytes)
May 21 10:27:11 07[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 3 [ EAP/RES/TLS ]
May 21 10:27:11 07[TLS] <IKEv2-eap|1> negotiated TLS 1.2 using suite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
May 21 10:27:11 07[TLS] <IKEv2-eap|1> sending TLS server certificate 'C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, [email protected]'
May 21 10:27:11 07[TLS] <IKEv2-eap|1> sending TLS intermediate certificate 'C=FR, O=Organization, CN=IntermediateAuthority'
May 21 10:27:11 07[TLS] <IKEv2-eap|1> sending TLS cert request for 'C=FR, O=Organization, CN=IntermediateAuthority'
May 21 10:27:11 07[TLS] <IKEv2-eap|1> sending TLS cert request for 'C=FR, O=Organization, CN=RootAuthority'
May 21 10:27:11 07[ENC] <IKEv2-eap|1> generating IKE_AUTH response 3 [ EAP/REQ/TLS ]
May 21 10:27:11 07[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (1112 bytes)
May 21 10:27:11 05[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (88 bytes)
May 21 10:27:11 05[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 4 [ EAP/RES/TLS ]
May 21 10:27:11 05[ENC] <IKEv2-eap|1> generating IKE_AUTH response 4 [ EAP/REQ/TLS ]
May 21 10:27:11 05[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (1112 bytes)
May 21 10:27:11 08[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (88 bytes)
May 21 10:27:11 08[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 5 [ EAP/RES/TLS ]
May 21 10:27:11 08[ENC] <IKEv2-eap|1> generating IKE_AUTH response 5 [ EAP/REQ/TLS ]
May 21 10:27:11 08[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (744 bytes)
May 21 10:27:11 09[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes)
May 21 10:27:11 09[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 6 [ EF(1/3) ]
May 21 10:27:11 09[ENC] <IKEv2-eap|1> received fragment #1 of 3, waiting for complete IKE message
May 21 10:27:11 09[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes)
May 21 10:27:11 09[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 6 [ EF(2/3) ]
May 21 10:27:11 09[ENC] <IKEv2-eap|1> received fragment #2 of 3, waiting for complete IKE message
May 21 10:27:11 09[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (492 bytes)
May 21 10:27:11 09[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 6 [ EF(3/3) ]
May 21 10:27:11 09[ENC] <IKEv2-eap|1> received fragment #3 of 3, reassembled fragmented IKE message (1480 bytes)
May 21 10:27:11 09[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 6 [ EAP/RES/TLS ]
May 21 10:27:11 09[ENC] <IKEv2-eap|1> generating IKE_AUTH response 6 [ EAP/REQ/TLS ]
May 21 10:27:11 09[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (88 bytes)
May 21 10:27:11 13[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes)
May 21 10:27:11 13[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 7 [ EF(1/3) ]
May 21 10:27:11 13[ENC] <IKEv2-eap|1> received fragment #1 of 3, waiting for complete IKE message
May 21 10:27:11 13[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes)
May 21 10:27:11 13[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 7 [ EF(2/3) ]
May 21 10:27:11 13[ENC] <IKEv2-eap|1> received fragment #2 of 3, waiting for complete IKE message
May 21 10:27:11 13[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (316 bytes)
May 21 10:27:11 13[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 7 [ EF(3/3) ]
May 21 10:27:11 13[ENC] <IKEv2-eap|1> received fragment #3 of 3, reassembled fragmented IKE message (1304 bytes)
May 21 10:27:11 13[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 7 [ EAP/RES/TLS ]
May 21 10:27:11 13[TLS] <IKEv2-eap|1> received TLS peer certificate 'C=FR, O=Organization, OU=OUnit, CN=My Name, [email protected]'
May 21 10:27:11 13[TLS] <IKEv2-eap|1> received TLS intermediate certificate 'C=FR, O=Organization, CN=IntermediateAuthority'
May 21 10:27:11 13[TLS] <IKEv2-eap|1> no trusted certificate found for 'My Name' to verify TLS peer
May 21 10:27:11 13[TLS] <IKEv2-eap|1> sending fatal TLS alert 'certificate unknown'
May 21 10:27:11 13[ENC] <IKEv2-eap|1> generating IKE_AUTH response 7 [ EAP/REQ/TLS ]
May 21 10:27:11 13[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (104 bytes)
May 21 10:27:11 06[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (88 bytes)
May 21 10:27:11 06[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 8 [ EAP/RES/TLS ]
May 21 10:27:11 06[IKE] <IKEv2-eap|1> EAP method EAP_TLS failed for peer 172.10.128.210
May 21 10:27:11 06[ENC] <IKEv2-eap|1> generating IKE_AUTH response 8 [ EAP/FAIL ]
May 21 10:27:11 06[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (88 bytes)
- 主机名 GW : vpn.domain.tld
问题是我的 Windows 客户端挂载隧道但不接受身份验证,可能是因为 charon.log 中的这些行:
May 21 10:27:11 13[TLS] <IKEv2-eap|1> received TLS peer certificate 'C=FR, O=Organization, OU=OUnit, CN=My Name, [email protected]'
May 21 10:27:11 13[TLS] <IKEv2-eap|1> received TLS intermediate certificate 'C=FR, O=Organization, CN=IntermediateAuthority'
May 21 10:27:11 13[TLS] <IKEv2-eap|1> no trusted certificate found for 'My Name' to verify TLS peer
May 21 10:27:11 13[TLS] <IKEv2-eap|1> sending fatal TLS alert 'certificate unknown'
我的配置有什么问题?
答案1
客户端发送的 EAP 身份(显然是“我的名字”)与完整的主题可分辨名称 (DN) 或任何主题替代名称 (SAN) 扩展的值和类型都不匹配。由于 strongSwan 不会将身份与 DN 的部分(例如CN
相对可分辨名称 (RDN))进行匹配 - 甚至对于 EAP-TLS 也是如此 - 因此找不到任何证书来确认身份。
两种可能的解决方案:
如果客户端允许,请让它发送不同的身份,例如完整 DN 或电子邮件地址,这些身份以 SAN 形式包含在证书中。我认为Windows 客户端无法实现, 尽管。
如果客户端始终将 RDN 的值
CN
作为 EAP 身份发送,则需要更改客户端证书:- 要么更改
CN
为匹配其中一个 SAN,在这种情况下,您可以将其设置为电子邮件地址(如果需要,可以将该人的姓名编码在DN 中的S
- 姓氏 - 和G
- 名字 - RDN 中)。 - 另一种方法是添加一个域名SAN 的值为“My Name”,即匹配该
CN
值。虽然从技术上讲这不是一个有效的域名(因为有空格),但它应该与 EAP 身份匹配,因为这是解析为身份类型ID_FQDN
为 strongSwan (这是它的后备类型)。
- 要么更改