我有一个 StrongSwan VPN,由于某些未知的原因,它无法将 iOS 用户连接到我的 VPN 服务器。
几点简要说明:
我的 StrongSwan 服务器是连接到我的网络的 VPN 客户端的前端。我将其用于
WireGuard后端站点到站点路由。所有 StrongSwan VPN 用户都经过服务器验证
FreeRadius。StrongSwan 客户端在子网上被分配一个 IP
192.168.201.0/24,而 WireGuard 主干网在子网上运行192.168.200.0/24。所有客户端还被赋予一个属于我分配的 /48 子网的公共 IPv6 地址。
我在 Ubuntu 20.04 上运行 StrongSwan,我的配置文件位于/etc/swanctl/config/文件夹中,并且由于文件名以 结尾而默认包含在内.conf。
内容如下:
# Default VPN server settings for all connections
conn-defaults {
local_addrs = PUBLIC_IPV4, PUBLIC_IPV6
local {
auth = pubkey
certs = vpn-ecdsa.cer
id = vpn.example.com
}
version = 2
send_certreq = no
send_cert = always
unique = never
fragmentation = yes
encap = yes
dpd_delay = 60s
rekey_time = 0s
}
# Default login method
eap-defaults {
remote {
auth = eap-radius
id = %any
eap_id = %any
}
}
connections
{
# Generic Android configuration that is extended further down.
#
# Works with StrongSwan VPN client for Android
conn-unix : conn-defaults, eap-defaults {
children {
net {
local_ts = 0.0.0.0/0, ::/0
}
net-unix : child-defaults {
}
esp_proposals = aes128gcm128-x25519
}
proposals = aes128-sha256-x25519
}
# All Windows klients matches this rule as username validation
# is done by 'eap_start = yes' in strongswan.conf.
#
# Works with Windows 10 built-in VPN client.
conn-windows : conn-defaults, eap-defaults {
children {
net {
local_ts = 0.0.0.0/0, ::/0
}
esp_proposals = aes256-sha256-prfsha256-modp1024
}
proposals = aes256-sha256-prfsha256-modp1024
pools = IkeVPN-site-ipv4, IkeVPN-site-ipv6
}
# A very similar configuration to Windows clients
# configuration, except iOS uses 2048 bit keys,
# while Windows uses 1024 bit keys.
#
# Does NOT work in its current state.
conn-ios : conn-defaults, eap-defaults {
children {
net {
local_ts = 0.0.0.0/0, ::/0
}
esp_proposals = aes256-sha2_256
pools = IkeVPN-site-ipv4, IkeVPN-site-ipv6
}
proposals = aes256-sha256-prfsha256-modp2048
}
# Android users is matched against this connection as they are
# running the app StrongSwan VPN client. Username is passed in the
# 'id' field to StrongSwan VPN server.
conn-unix-site : connections.conn-unix {
remote {
id = *@site.example.com
}
pools = IkeVPN-site-ipv4, IkeVPN-site-ipv6
}
}
pools
{
IkeVPN-site-ipv4 {
addrs = 192.168.201.0/24
dns = 192.168.200.1
}
IkeVPN-site-ipv6 {
addrs = 2001:db8:cafe::/97
dns = 2001:db8::1
}
}
我的配置是使用以下网页给出的结构创建的:
https://wiki.strongswan.org/projects/strongswan/wiki/Strongswanconf#Referencing-other-Sections
我使用它的原因是为了避免在所有连接配置文件中重复相同的配置设置。
如果您不熟悉此设置,conn-ios则以下配置应被视为等效的:
conn-ios {
# Obtained from conn-default
local_addrs = PUBLIC_IPV4, PUBLIC_IPV6
local {
auth = pubkey
certs = vpn-ecdsa.cer
id = vpn.example.com
}
version = 2
send_certreq = no
send_cert = always
unique = never
fragmentation = yes
encap = yes
dpd_delay = 60s
rekey_time = 0s
# Obtained from eap-defaults
remote {
auth = eap-radius
id = %any
eap_id = %any
}
# Obtained from original conn-ios profile above.
children {
net {
local_ts = 0.0.0.0/0, ::/0
}
esp_proposals = aes256-sha2_256
pools = IkeVPN-site-ipv4, IkeVPN-site-ipv6
}
proposals = aes256-sha256-prfsha256-modp2048
}
部分中列出的服务器证书conn-default是使用 Acme.sh 从 Let's Encrypt 获得的 ECDSA 证书。
proposalsiOS配置中的加密值esp_proposals取自以下提示:https://wiki.strongswan.org/projects/strongswan/wiki/AppleClients。
在测试所有 Android 或 Windows 用户组合时,连接均没有任何问题,但当有人尝试使用 iPhone 登录时,连接就会停止。
iPhone 尝试连接时日志的输出如下:
10[IKE] CLIENT_IPV4 is initiating an IKE_SA
10[CFG] received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1536, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
10[CFG] configured proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
10[IKE] no matching proposal found, trying alternative config
10[CFG] received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1536, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
10[CFG] configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024
10[IKE] no matching proposal found, trying alternative config
10[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
10[IKE] remote host is behind NAT
10[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
10[NET] sending packet: from PUBLIC_IPV4[500] to CLIENT_IPV4[6452] (456 bytes)
06[NET] received packet: from CLIENT_IPV4[13549] to PUBLIC_IPV4[4500] (512 bytes)
06[ENC] unknown attribute type INTERNAL_DNS_DOMAIN
06[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr CPRQ(ADDR MASK DHCP DNS ADDR6 DHCP6 DNS6 DOMAIN) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr N(MOBIKE_SUP) ]
06[CFG] looking for peer configs matching PUBLIC_IPV4[vpn.example.com]...CLIENT_IPV4[PRIVATE_CLASS_A_ADDRESS]
06[CFG] selected peer config 'conn-ios'
06[IKE] initiating EAP_IDENTITY method (id 0x00)
06[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
06[IKE] peer supports MOBIKE
06[IKE] authentication of 'vpn.example.com' (myself) with ECDSA-256 signature successful
06[IKE] sending end entity cert "CN=vpn.example.com"
06[IKE] sending issuer cert "C=US, O=Let's Encrypt, CN=R3"
06[ENC] generating IKE_AUTH response 1 [ IDr CERT CERT AUTH EAP/REQ/ID ]
06[ENC] splitting IKE message (2816 bytes) into 3 fragments
06[ENC] generating IKE_AUTH response 1 [ EF(1/3) ]
06[ENC] generating IKE_AUTH response 1 [ EF(2/3) ]
06[ENC] generating IKE_AUTH response 1 [ EF(3/3) ]
06[NET] sending packet: from PUBLIC_IPV4[4500] to CLIENT_IPV4[13549] (1236 bytes)
06[NET] sending packet: from PUBLIC_IPV4[4500] to CLIENT_IPV4[13549] (1236 bytes)
06[NET] sending packet: from PUBLIC_IPV4[4500] to CLIENT_IPV4[13549] (500 bytes)
11[JOB] deleting half open IKE_SA with CLIENT_IPV4 after timeout
iPhone 用户使用内置 VPN 客户端进行连接,设置如下:
类型 IKEv2
描述:VPN 服务器
服务器:vpn.example.com
远程 ID:vpn.example.com
本地 ID:空白
用户名和密码验证。
用户名:[电子邮件保护]
密码:ItIsASecret
有人知道为什么 iOS 用户在加载conn-ios配置文件时连接会停止吗?
更新 我们升空了!:-)
根据@ecdsa 的建议,我已将证书切换为 2048 位 RSA 证书。
我的 Radius 服务器被调用。用户身份验证成功,客户端获得分配的 IP 地址。我很高兴。:-)
我现在的配置conn-ios是:
conn-ios : conn-defaults, eap-defaults {
# Overriding defaults from 'conn-default'
local {
auth = pubkey
certs = vpn-rsa.cer
id = vpn.example.com
}
children {
net {
local_ts = 0.0.0.0/0, ::/0
}
esp_proposals = aes256-sha256
}
pools = IkeVPN-site-ipv4, IkeVPN-site-ipv6
proposals = aes256-sha256-prfsha256-modp2048
}
其余一切都与我的初始配置相同。
答案1
正如我们在日志中看到的,客户端不支持RFC 7427(否则,哈希算法通知将在期间进行交换IKE_SA_INIT),这定义了灵活的基于签名的身份验证。
虽然 IKEv2 也支持没有该扩展的 ECDSA,RFC 4754仅增加了对它的有限支持(只能使用三条 NIST 曲线,每条曲线都分配有特定的哈希算法)。因此,Apple 客户端可能只在明确配置的情况下接受/使用 ECDSA配置文件(有一个选项CertificateType可以设置为例如ECDSA256)。
如果无法使用配置文件,则唯一的选择是使用RSA 服务器证书,至少直到 Apple 在其 IKEv2 客户端中实现对 RFC 7427 的支持。