從Android strongSwan到Cisco IOS的IKEv2,帶EAP和RSA身份驗證
目錄
簡介
本文說明如何配置strongSwan的移動版本,以便通過網際網路金鑰交換版本2(IKEv2)協定訪問Cisco IOS®軟體VPN網關。
給出了三個示例:
- 使用strongSwan的Android電話,通過可擴展身份驗證協定 — 消息摘要5(EAP-MD5)身份驗證連線到Cisco IOS軟體VPN網關。
- 帶有strongSwan的Android電話,通過證書身份驗證(RSA)連線到Cisco IOS軟體VPN網關。
- Android電話,帶有strongSwan,通過網路地址轉換(NAT)連線到Cisco IOS軟體VPN網關。 在VPN網關證書中要求具有兩個x509擴展使用者替代名稱。
還包括Cisco IOS軟體和strongSwan限制。
必要條件
需求
思科建議您瞭解以下主題:
- OpenSSL組態的基本知識
- Cisco IOS軟體命令列介面(CLI)配置基礎知識
- IKEv2基礎知識
採用元件
本文中的資訊係根據以下軟體和硬體版本:
- Android 4.0或更高版本,帶strongSwan
- Cisco IOS軟體版本15.3T或更高版本
- Cisco Identity Services Engine(ISE)軟體1.1.4版及更新版本
本文中的資訊是根據特定實驗室環境內的裝置所建立。文中使用到的所有裝置皆從已清除(預設)的組態來啟動。如果您的網路正在作用,請確保您已瞭解任何指令可能造成的影響。
設定
網路圖表
Android strongSwan使用Cisco IOS軟體網關建立IKEv2隧道,以便安全地訪問內部網路。
證書註冊
證書是基於EAP和基於RSA的身份驗證的先決條件。
在EAP身份驗證方案中,僅在VPN網關上需要證書。僅當軟體提供由Android上受信任的證書頒發機構(CA)簽名的證書時,客戶端才連線到Cisco IOS軟體。然後啟動客戶端的EAP會話,以對Cisco IOS軟體進行身份驗證。
對於基於RSA的身份驗證,兩個終端必須具有正確的證書。
將IP位址用作對等ID時,對憑證有其他要求。Android strongSwan驗證VPN網關的IP地址是否包含在x509擴展主題備用名稱中。如果沒有,Android將丟棄連線;這是良好的做法以及RFC 6125的建議。
OpenSSL作為CA使用,因為Cisco IOS軟體具有限制:它無法生成副檔名包含IP地址的證書。所有證書均由OpenSSL生成並匯入到Android和Cisco IOS軟體中。
在Cisco IOS軟體中,subject-alt-name命令可用於建立包含IP位址的擴充模組,但該命令僅適用於自簽名的憑證。思科錯誤ID CSCui44783「IOS ENH PKI capability to generate CSR with subject-alt-name extension」(IOS增強PKI使用使用者名稱擴展生成CSR的能力)是一個增強請求,允許Cisco IOS軟體為所有型別的註冊生成擴展。
以下是產生CA的命令範例:
#generate key
openssl genrsa -des3 -out ca.key 2048
#generate CSR
openssl req -new -key ca.key -out ca.csr
#remove protection
cp ca.key ca.key.org
openssl rsa -in ca.key.org -out ca.key
#self sign certificate
openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
-extensions v3_req -extfile conf_global.crt
conf_global.crt是配置檔案。CA擴展應設定為TRUE:
[ req ]
default_bits = 1024 # Size of keys
default_md = md5 # message digest algorithm
string_mask = nombstr # permitted characters
#string_mask = pkix # permitted characters
distinguished_name = req_distinguished_name
req_extensions = v3_req
[ v3_req ]
basicConstraints = CA:TRUE
subjectKeyIdentifier = hash
Cisco IOS軟體和Android生成證書的命令非常相似。此範例假設已經有一個用於對憑證進行簽名的CA:
#generate key
openssl genrsa -des3 -out server.key 2048
#generate CSR
openssl req -new -key server.key -out server.csr
#remove protection
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
#sign the cert and add Alternate Subject Name extension from
conf_global_cert.crt file with configuration
openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial
-out server.crt -days 365 -extensions v3_req -extfile conf_global_cert.crt
#create pfx file containig CA cert and server cert
openssl pkcs12 -export -out server.pfx -inkey server.key -in server.crt
-certfile ca.crt
conf_global_cert.crt是配置檔案。「備用使用者名稱」副檔名是一個鍵設定。在此示例中,CA擴展設定為FALSE:
[ req ]
default_bits = 1024 # Size of keys
default_md = md5 # message digest algorithm
string_mask = nombstr # permitted characters
#string_mask = pkix # permitted characters
distinguished_name = req_distinguished_name
req_extensions = v3_req
[ v3_req ]
basicConstraints = CA:FALSE
subjectKeyIdentifier = hash
subjectAltName = @alt_names
[alt_names]
IP.1 = 10.48.64.15
應該同時為Cisco IOS軟體和Android生成證書。
IP地址10.48.64.15屬於Cisco IOS軟體網關。為Cisco IOS軟體生成證書時,請確保將subjectAltName設定為10.48.64.15。Android將驗證從Cisco IOS軟體收到的證書,並嘗試在subjectAltName中查詢其IP地址。
Cisco IOS軟體
Cisco IOS軟體需要為基於RSA和基於EAP的身份驗證安裝正確的證書。
可以匯入Cisco IOS軟體的pfx檔案(即pkcs12容器):
BSAN-2900-1(config)# crypto pki import TP pkcs12
http://10.10.10.1/server.pfx password 123456
% Importing pkcs12...
Source filename [server.pfx]?
CRYPTO_PKI: Imported PKCS12 file successfully.
使用show crypto pki certificates verbose命令驗證匯入是否成功:
BSAN-2900-1# show crypto pki certificates verbose
Certificate
Status: Available
Version: 3
Certificate Serial Number (hex): 00A003C5DCDEFA146C
Certificate Usage: General Purpose
Issuer:
cn=Cisco
ou=Cisco TAC
o=Cisco
l=Krakow
st=Malopolskie
c=PL
Subject:
Name: IOS
IP Address: 10.48.64.15
cn=IOS
ou=TAC
o=Cisco
l=Krakow
st=Malopolska
c=PL
Validity Date:
start date: 18:04:09 UTC Aug 1 2013
end date: 18:04:09 UTC Aug 1 2014
Subject Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Signature Algorithm: SHA1 with RSA Encryption
Fingerprint MD5: 2C45BF10 0BACB98D 444F5804 1DC27ECF
Fingerprint SHA1: 26B66A66 DF5E7D6F 498DD653 A2C164D7 4C7A7F8F
X509v3 extensions:
X509v3 Subject Key ID: AD598A9B 8AB6893B AB3CB8B9 28B2039C 78441E72
X509v3 Basic Constraints:
CA: FALSE
X509v3 Subject Alternative Name:
10.48.64.15
Authority Info Access:
Associated Trustpoints: TP
Storage: nvram:Cisco#146C.cer
Key Label: TP
Key storage device: private config
CA Certificate
Status: Available
Version: 3
Certificate Serial Number (hex): 00DC8EAD98723DF56A
Certificate Usage: General Purpose
Issuer:
cn=Cisco
ou=Cisco TAC
o=Cisco
l=Krakow
st=Malopolskie
c=PL
Subject:
cn=Cisco
ou=Cisco TAC
o=Cisco
l=Krakow
st=Malopolskie
c=PL
Validity Date:
start date: 16:39:55 UTC Jul 23 2013
end date: 16:39:55 UTC Jul 23 2014
Subject Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Signature Algorithm: SHA1 with RSA Encryption
Fingerprint MD5: 0A2432DC 33F0DC46 AAB23E26 ED474B7E
Fingerprint SHA1: A50E3892 ED5C4542 FA7FF584 DE07B6E0 654A62D0
X509v3 extensions:
X509v3 Subject Key ID: 786F263C 0F5A1963 D6AD18F8 86DCE7C9 0185911E
X509v3 Basic Constraints:
CA: TRUE
Authority Info Access:
Associated Trustpoints: TP
Storage: nvram:Cisco#F56ACA.cer
BSAN-2900-1#show ip int brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 10.48.64.15 YES NVRAM up up
Android
對於基於EAP的身份驗證,Andorid只需安裝正確的CA證書。
對於基於RSA的身份驗證,Andorid需要同時安裝CA證書及其自己的證書。
以下程式介紹如何安裝兩個憑證:
- 通過電子郵件傳送pfx檔案,然後將其開啟。
- 提供生成pfx檔案時使用的密碼。
- 提供匯入的證書的名稱。
- 導覽至Settings > Security > Trusted Credentials,以驗證憑證安裝。新證書應顯示在使用者儲存中:
此時,使用者證書以及CA證書均已安裝。pfx檔案是一個包含使用者證書和CA證書的pkcs12容器。
Android在匯入證書時具有精確的要求。例如,要成功匯入CA證書,Android要求將x509v3擴展基本約束CA設定為TRUE。因此,當您生成CA或使用您自己的CA時,驗證它是否具有正確的副檔名非常重要:
pluton custom_ca # openssl x509 -in ca.crt -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
dc:8e:ad:98:72:3d:f5:6a
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=PL, ST=Malopolskie, L=Krakow, O=Cisco, OU=Cisco TAC, CN=Cisco
<.....output omitted>
X509v3 Basic Constraints:
CA:TRUE
<.....output omitted>
EAP身份驗證
適用於EAP驗證的Cisco IOS軟體組態
IKEv2允許使用EAP協定棧來執行使用者身份驗證。VPN網關使用證書呈現自身。一旦客戶端信任該證書,客戶端就會響應網關的EAP請求身份。Cisco IOS軟體會使用該身分並向Authentication, authorization, and accounting(AAA)伺服器傳送Radius-Request訊息,並在要求者(Android)和驗證伺服器(存取控制伺服器[ACS]或ISE)之間建立EAP-MD5作業階段。
成功進行EAP-MD5身份驗證後(如Radius-Accept消息所示),Cisco IOS軟體使用配置模式將IP地址推送到客戶端,並繼續流量選擇器協商。
請注意,Android已傳送IKEID=cisco(如配置)。 Cisco IOS軟體上收到的此IKEID與「ikev2配置檔案PROF」匹配。
aaa new-model
aaa authentication login eap-list-radius group radius
aaa authorization network IKE2_AUTHOR_LOCAL local
crypto pki trustpoint TP
revocation-check none
crypto ikev2 authorization policy IKE2_AUTHOR_POLICY
pool POOL
!
crypto ikev2 proposal ikev2-proposal
encryption aes-cbc-128
integrity sha1
group 14
!
crypto ikev2 policy ikev2-policy
proposal ikev2-proposal
!
!
crypto ikev2 profile PROF
match identity remote key-id cisco
authentication remote eap query-identity
authentication local rsa-sig
pki trustpoint TP
aaa authentication eap eap-list-radius
aaa authorization group eap list IKE2_AUTHOR_LOCAL IKE2_AUTHOR_POLICY
aaa authorization user eap cached
virtual-template 1
crypto ipsec transform-set 3DES-MD5 esp-aes esp-sha-hmac
mode tunnel
!
crypto ipsec profile PROF
set transform-set 3DES-MD5
set ikev2-profile PROF
interface GigabitEthernet0/0
ip address 10.48.64.15 255.255.255.128
interface Virtual-Template1 type tunnel
ip unnumbered GigabitEthernet0/0
tunnel mode ipsec ipv4
tunnel protection ipsec profile PROF
ip local pool POOL 192.168.0.1 192.168.0.10
radius-server host 10.48.66.185 key cisco
EAP身份驗證的Android配置
Android strongSwan必須已配置EAP:
- 禁用自動證書選擇;否則,將在第三個資料包中傳送100個或更多的CERT_REQ。
- 選擇在上一步中匯入的特定證書(CA);使用者名稱和密碼應該與AAA伺服器上的相同。
EAP身份驗證測試
在Cisco IOS軟體中,這些是EAP身份驗證最重要的調試。為了清楚起見,大多數輸出均被省略:
debug crypto ikev2 error
debug crypto ikev2 internal
debug radius authentication
debug radius verbose
IKEv2:New ikev2 sa request admitted
IKEv2:(SA ID = 1):Searching policy based on peer's identity 'cisco' of type
'FQDN'
IKEv2:(1): Choosing IKE profile PROF
IKEv2:Sending certificates as X509 certificates
RADIUS(00000025): Send Access-Request to 10.48.66.185:1645 id 1645/4,len 110
RADIUS: Received from id 1645/4 10.48.66.185:1645, Access-Challenge, len 79
RADIUS(00000025): Send Access-Request to 10.48.66.185:1645 id 1645/5,len 141
RADIUS: Received from id 1645/5 10.48.66.185:1645, Access-Challenge, len 100
RADIUS(00000025): Send Access-Request to 10.48.66.185:1645 id 1645/6,len 155
RADIUS: Received from id 1645/6 10.48.66.185:1645, Access-Accept, len 76
IKEv2:(SA ID = 1):SM Trace-> SA: I_SPI=AABAB198FACAAEDE R_SPI=D61F37C4DC875001
(R) MsgID = 00000004 CurState: R_PROC_EAP_RESP Event: EV_RECV_EAP_SUCCESS
IKEv2:IKEv2 local AAA author request for 'IKE2_AUTHOR_POLICY'
IKEv2:Received group author attributes: ipv4-pool: POOL, route-accept any tag:1
distance:1
IKEv2:Allocated addr 192.168.0.2 from local pool POOL
IKEv2:(SA ID = 1):SM Trace-> SA: I_SPI=AABAB198FACAAEDE R_SPI=D61F37C4DC875001
(R) MsgID = 00000005 CurState: R_VERIFY_AUTH Event:
EV_OK_RECD_VERIFY_IPSEC_POLICY
%LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state
to up
Android日誌顯示:
00[DMN] Starting IKE charon daemon (strongSwan 5.1.0dr2,
Linux 3.4.0-perf-gf43c3d9, armv7l)
00[KNL] kernel-netlink plugin might require CAP_NET_ADMIN capability
00[LIB] loaded plugins: androidbridge charon android-log openssl fips-prf
random nonce pubkey pkcs1 pkcs8 pem xcbc hmac socket-default kernel-netlink
00[LIB] unable to load 9 plugin features (9 due to unmet dependencies)
00[JOB] spawning 16 worker threads
13[IKE] initiating IKE_SA android[1] to 10.48.64.15
13[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
13[NET] sending packet: from 10.147.24.153[45581] to 10.48.64.15[500]
(648 bytes)
11[NET] received packet: from 10.48.64.15[500] to 10.147.24.153[45581]
(497 bytes)
11[ENC] parsed IKE_SA_INIT response 0 [ SA KE No V V N(NATD_S_IP) N(NATD_D_IP)
CERTREQ N(HTTP_CERT_LOOK) ]
11[ENC] received unknown vendor ID:
43:49:53:43:4f:2d:44:45:4c:45:54:45:2d:52:45:41:53:4f:4e
11[ENC] received unknown vendor ID:
46:4c:45:58:56:50:4e:2d:53:55:50:50:4f:52:54:45:44
11[IKE] faking NAT situation to enforce UDP encapsulation
11[IKE] cert payload ANY not supported - ignored
11[IKE] sending cert request for "C=PL, ST=Malopolskie, L=Krakow, O=Cisco,
OU=Cisco TAC, CN=Cisco"
11[IKE] establishing CHILD_SA android
11[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ
CP(ADDR ADDR6 DNS DNS6) N(ESP_TFC_PAD_N) SA TSi TSr N(MOBIKE_SUP)
11[NET] sending packet: from 10.147.24.153[35564] to 10.48.64.15[4500]
(508 bytes)
10[NET] received packet: from 10.48.64.15[4500] to 10.147.24.153[35564]
(1292 bytes)
10[ENC] parsed IKE_AUTH response 1 [ V IDr CERT AUTH EAP/REQ/ID ]
10[IKE] received end entity cert "C=PL, ST=Malopolska, L=Krakow, O=Cisco,
OU=TAC, CN=IOS"
10[CFG] using certificate "C=PL, ST=Malopolska, L=Krakow, O=Cisco, OU=TAC,
CN=IOS"
10[CFG] using trusted ca certificate "C=PL, ST=Malopolskie, L=Krakow, O=Cisco,
OU=Cisco TAC, CN=Cisco"
10[CFG] reached self-signed root ca with a path length of 0
10[IKE] authentication of '10.48.64.15' with RSA signature successful
10[IKE] server requested EAP_IDENTITY (id 0x3B), sending 'cisco'
10[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ]
10[NET] sending packet: from 10.147.24.153[35564] to 10.48.64.15[4500]
(76 bytes)
09[NET] received packet: from 10.48.64.15[4500] to 10.147.24.153[35564]
(76 bytes)
09[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TLS ]
09[IKE] server requested EAP_TLS authentication (id 0x59)
09[IKE] EAP method not supported, sending EAP_NAK
09[ENC] generating IKE_AUTH request 3 [ EAP/RES/NAK ]
09[NET] sending packet: from 10.147.24.153[35564] to 10.48.64.15[4500]
(76 bytes)
08[NET] received packet: from 10.48.64.15[4500] to 10.147.24.153[35564]
(92 bytes)
08[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/MD5 ]
08[IKE] server requested EAP_MD5 authentication (id 0x5A)
08[ENC] generating IKE_AUTH request 4 [ EAP/RES/MD5 ]
08[NET] sending packet: from 10.147.24.153[35564] to 10.48.64.15[4500]
(92 bytes)
07[NET] received packet: from 10.48.64.15[4500] to 10.147.24.153[35564]
(76 bytes)
07[ENC] parsed IKE_AUTH response 4 [ EAP/SUCC ]
07[IKE] EAP method EAP_MD5 succeeded, no MSK established
07[IKE] authentication of 'cisco' (myself) with EAP
07[ENC] generating IKE_AUTH request 5 [ AUTH ]
07[NET] sending packet: from 10.147.24.153[35564] to 10.48.64.15[4500]
(92 bytes)
06[NET] received packet: from 10.48.64.15[4500] to 10.147.24.153[35564]
(236 bytes)
06[ENC] parsed IKE_AUTH response 5 [ AUTH CP(ADDR) SA TSi TSr N(SET_WINSIZE)
N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) ]
06[IKE] authentication of '10.48.64.15' with EAP successful
06[IKE] IKE_SA android[1] established between
10.147.24.153[cisco]...10.48.64.15[10.48.64.15]
06[IKE] scheduling rekeying in 35421s
06[IKE] maximum IKE_SA lifetime 36021s
06[IKE] installing new virtual IP 192.168.0.1
06[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
06[IKE] CHILD_SA android{1} established with SPIs c776cb4f_i ea27f072_o and
TS 192.168.0.1/32 === 0.0.0.0/0
06[DMN] setting up TUN device for CHILD_SA android{1}
06[DMN] successfully created TUN device
此範例顯示如何驗證Cisco IOS軟體上的狀態:
BSAN-2900-1#show crypto session detail
Crypto session current status
Code: C - IKE Configuration mode, D - Dead Peer Detection
K - Keepalives, N - NAT-traversal, T - cTCP encapsulation
X - IKE Extended Authentication, F - IKE Fragmentation
Interface: Virtual-Access1
Uptime: 00:02:12
Session status: UP-ACTIVE
Peer: 10.147.24.153 port 60511 fvrf: (none) ivrf: (none)
Phase1_id: cisco
Desc: (none)
IKEv2 SA: local 10.48.64.15/4500 remote 10.147.24.153/60511 Active
Capabilities:NX connid:1 lifetime:23:57:48
IPSEC FLOW: permit ip 0.0.0.0/0.0.0.0 host 192.168.0.2
Active SAs: 2, origin: crypto map
Inbound: #pkts dec'ed 40 drop 0 life (KB/Sec) 4351537/3468
Outbound: #pkts enc'ed 5 drop 0 life (KB/Sec) 4351542/3468
BSAN-2900-1#show crypto ikev2 sa detailed
IPv4 Crypto IKEv2 SA
Tunnel-id Local Remote fvrf/ivrf Status
1 10.48.64.15/4500 10.147.24.153/60511 none/none READY
Encr: AES-CBC, keysize: 128, Hash: SHA96, DH Grp:14, Auth sign: RSA,
Auth verify: EAP
Life/Active Time: 86400/137 sec
CE id: 1002, Session-id: 2
Status Description: Negotiation done
Local spi: D61F37C4DC875001 Remote spi: AABAB198FACAAEDE
Local id: 10.48.64.15
Remote id: cisco
Remote EAP id: cisco
Local req msg id: 0 Remote req msg id: 6
Local next msg id: 0 Remote next msg id: 6
Local req queued: 0 Remote req queued: 6
Local window: 5 Remote window: 1
DPD configured for 0 seconds, retry 0
Fragmentation not configured.
Extended Authentication configured.
NAT-T is detected outside
Cisco Trust Security SGT is disabled
Assigned host addr: 192.168.0.2
Initiator of SA : No
以下圖顯示如何驗證Android上的狀態:
RSA身份驗證
用於RSA身份驗證的Cisco IOS軟體配置
在Rivest-Shamir-Adleman(RSA)身份驗證中,Android傳送證書以便向Cisco IOS軟體進行身份驗證。這就是需要將該流量繫結到特定IKEv2配置檔案的證書對映的原因。不需要使用者EAP身份驗證。
以下示例說明如何為遠端對等體設定RSA身份驗證:
crypto pki certificate map CERT_MAP 10
subject-name co android
crypto ikev2 profile PROF
match certificate CERT_MAP
authentication remote rsa-sig
authentication local rsa-sig
pki trustpoint TP
aaa authorization group cert list IKE2_AUTHOR_LOCAL IKE2_AUTHOR_POLICY
virtual-template 1
用於RSA身份驗證的Android配置
使用者證書已被使用者證書替換:
RSA身份驗證測試
在Cisco IOS軟體中,這些是RSA身份驗證最重要的調試。為了清楚起見,大多數輸出均被省略:
debug crypto ikev2 error
debug crypto ikev2 internal
debug crypto pki transactions
debug crypto pki validation
debug crypto pki messages
IKEv2:New ikev2 sa request admitted
IKEv2:(SA ID = 1):Searching policy based on peer's identity 'cn=android,ou=TAC,
o=Cisco,l=Krakow,st=Malopolska,c=PL' of type 'DER ASN1 DN'
IKEv2:(1): Choosing IKE profile PROF
IKEv2:Sending certificates as X509 certificates
IKEv2:(SA ID = 1):Peer's authentication method is 'RSA'
IKEv2:Peer has sent X509 certificates
CRYPTO_PKI: Found a issuer match
CRYPTO_PKI: (9000B) Certificate is verified
CRYPTO_PKI: (9000B) Certificate validation succeeded
IKEv2:(SA ID = 1):[Crypto Engine -> IKEv2] Verification of signed
authentication data PASSED
IKEv2:IKEv2 local AAA author request for 'IKE2_AUTHOR_POLICY'
IKEv2:Received group author attributes: ipv4-pool: POOL, route-accept any tag:1
distance:1
IKEv2:Allocated addr 192.168.0.3 from local pool POOL
IKEv2:(SA ID = 1):SM Trace-> SA: I_SPI=E53A57E359A8437C R_SPI=A03D273FC75EEBD9
(R) MsgID = 00000001 CurState: R_VERIFY_AUTH Event:
EV_OK_RECD_VERIFY_IPSEC_POLICY
%LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state
to up
Android日誌顯示:
00[DMN] Starting IKE charon daemon (strongSwan 5.1.0dr2,
Linux 3.4.0-perf-gf43c3d9, armv7l)
00[KNL] kernel-netlink plugin might require CAP_NET_ADMIN capability
00[LIB] loaded plugins: androidbridge charon android-log openssl fips-prf
random nonce pubkey pkcs1 pkcs8 pem xcbc hmac socket-default
00[LIB] unable to load 9 plugin features (9 due to unmet dependencies)
00[JOB] spawning 16 worker threads
05[CFG] loaded user certificate 'C=PL, ST=Malopolska, L=Krakow, O=Cisco,
OU=TAC, CN=android' and private key
05[CFG] loaded CA certificate 'C=PL, ST=Malopolskie, L=Krakow, O=Cisco,
OU=Cisco TAC, CN=Cisco'
05[IKE] initiating IKE_SA android[4] to 10.48.64.15
05[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
05[NET] sending packet: from 10.147.24.153[34697] to 10.48.64.15[500]
(648 bytes)
10[NET] received packet: from 10.48.64.15[500] to 10.147.24.153[34697]
(497 bytes)
10[ENC] parsed IKE_SA_INIT response 0 [ SA KE No V V N(NATD_S_IP) N(NATD_D_IP)
CERTREQ N(HTTP_CERT_LOOK) ]
10[ENC] received unknown vendor ID:
43:49:53:43:4f:2d:44:45:4c:45:54:45:2d:52:45:41:53:4f:4e
10[ENC] received unknown vendor ID:
46:4c:45:58:56:50:4e:2d:53:55:50:50:4f:52:54:45:44
10[IKE] faking NAT situation to enforce UDP encapsulation
10[IKE] cert payload ANY not supported - ignored
10[IKE] sending cert request for "C=PL, ST=Malopolskie, L=Krakow, O=Cisco,
OU=Cisco TAC, CN=Cisco"
10[IKE] authentication of 'C=PL, ST=Malopolska, L=Krakow, O=Cisco, OU=TAC,
CN=android' (myself) with RSA signature successful
10[IKE] sending end entity cert "C=PL, ST=Malopolska, L=Krakow, O=Cisco,
OU=TAC, CN=android"
10[IKE] establishing CHILD_SA android
10[ENC] generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ
AUTH CP(ADDR ADDR6 DNS DNS6) N(ESP_TFC_PAD_N) SA
10[NET] sending packet: from 10.147.24.153[44527] to 10.48.64.15[4500]
(1788 bytes)
12[NET] received packet: from 10.48.64.15[4500] to 10.147.24.153[44527]
(1420 bytes)
12[ENC] parsed IKE_AUTH response 1 [ V IDr CERT AUTH CP(ADDR) SA TSi TSr
N(SET_WINSIZE) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG)
12[IKE] received end entity cert "C=PL, ST=Malopolska, L=Krakow, O=Cisco,
OU=TAC, CN=IOS"
12[CFG] using certificate "C=PL, ST=Malopolska, L=Krakow, O=Cisco, OU=TAC,
CN=IOS"
12[CFG] using trusted ca certificate "C=PL, ST=Malopolskie, L=Krakow, O=Cisco,
OU=Cisco TAC, CN=Cisco"
12[CFG] reached self-signed root ca with a path length of 0
12[IKE] authentication of '10.48.64.15' with RSA signature successful
12[IKE] IKE_SA android[4] established between 10.147.24.153[C=PL,
ST=Malopolska, L=Krakow, O=Cisco, OU=TAC,
CN=android]...10.48.64.15[10.48.64.15]
12[IKE] scheduling rekeying in 35413s
12[IKE] maximum IKE_SA lifetime 36013s
12[IKE] installing new virtual IP 192.168.0.3
12[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
12[IKE] CHILD_SA android{4} established with SPIs ecb3af87_i b2279175_o and
TS 192.168.0.3/32 === 0.0.0.0/0
12[DMN] setting up TUN device for CHILD_SA android{4}
12[DMN] successfully created TUN device
在Cisco IOS軟體中,RSA用於簽名和驗證;在上一個場景中,使用EAP進行驗證:
BSAN-2900-1#show crypto ikev2 sa detailed
IPv4 Crypto IKEv2 SA
Tunnel-id Local Remote fvrf/ivrf Status
1 10.48.64.15/4500 10.147.24.153/44527 none/none READY
Encr: AES-CBC, keysize: 128, Hash: SHA96, DH Grp:14, Auth sign: RSA,
Auth verify: RSA
Life/Active Time: 86400/16 sec
CE id: 1010, Session-id: 3
Status Description: Negotiation done
Local spi: A03D273FC75EEBD9 Remote spi: E53A57E359A8437C
Local id: 10.48.64.15
Remote id: cn=android,ou=TAC,o=Cisco,l=Krakow,st=Malopolska,c=PL
Local req msg id: 0 Remote req msg id: 2
Local next msg id: 0 Remote next msg id: 2
Local req queued: 0 Remote req queued: 2
Local window: 5 Remote window: 1
DPD configured for 0 seconds, retry 0
Fragmentation not configured.
Extended Authentication not configured.
NAT-T is detected outside
Cisco Trust Security SGT is disabled
Assigned host addr: 192.168.0.3
Initiator of SA : No
Android上的狀態驗證與上一個場景中的狀態驗證類似。
NAT後的VPN網關 — strongSwan和Cisco IOS軟體限制
以下範例說明strongSwan憑證驗證的限制。
假設Cisco IOS軟體VPN網關IP地址從172.16.1.1靜態轉換為10.147.25.80。使用EAP身份驗證。
還假設Cisco IOS軟體證書具有用於172.16.1.1和10.147.25.80的使用者替代名稱。
在成功進行EAP身份驗證後,Android會執行驗證並嘗試在Android配置(10.147.25.80)中使用的Subject Alternative Name擴展中的對等體的IP地址。驗證失敗:
日誌顯示:
constraint check failed: identity '10.147.25.80' required
發生此失敗的原因是Android只能讀取第一個主題備用名稱副檔名(172.16.1.1)。
現在,假設Cisco IOS軟體證書的兩個地址都以使用者備用名稱顯示,但順序相反:10.147.25.80和172.16.1.1。 Android在第三個資料包中收到IKEID(即VPN網關(172.16.1.1)的IP地址)時執行驗證:
現在日誌顯示:
no trusted RSA public key found for '172.16.1.1'
因此,當Android收到IKEID時,它需要在主題備用名稱中查詢IKEID,並且只能使用第一個IP地址。
驗證
驗證和測試步驟在配置示例中提供。
疑難排解
本節提供的資訊可用於對組態進行疑難排解。
strongSwan CA Multiple CERT_REQ
當strongSwan上的證書設定為Automatic Selection(預設值)時,Android會在第三個資料包中傳送本地儲存中所有受信任證書的CERT_REQ。Cisco IOS軟體可能會捨棄該要求,因為它將大量憑證要求識別為拒絕服務攻擊:
*Jul 15 07:54:13: IKEv2:number of cert req exceeds the reasonable limit (100)
DVTI上的通道來源
雖然在虛擬通道介面(VTI)上設定通道來源非常普遍,但此處並不是必須的。假定tunnel source指令位於動態VTI(DVTI)下:
interface Virtual-Template1 type tunnel
ip unnumbered GigabitEthernet0/0
tunnel source GigabitEthernet0/0
tunnel mode ipsec ipv4
tunnel protection ipsec profile PROF
身份驗證後,如果Cisco IOS軟體嘗試建立從虛擬模板克隆的虛擬訪問介面,則會返回錯誤:
*Aug 1 13:34:22 IKEv2:Allocated addr 192.168.0.9 from local pool POOL
*Aug 1 13:34:22 IKEv2:(SA ID = 1):Set received config mode data
*Aug 1 13:34:22 IKEv2:% DVTI create request sent for profile PROF with PSH
index 1
*Aug 1 13:34:22 IKEv2:Failed to process KMI delete SA message with error 4
*Aug 1 13:34:24 IKEv2:Got a packet from dispatcher
*Aug 1 13:34:24 IKEv2:Processing an item off the pak queue
*Aug 1 13:34:24 IKEv2:Negotiation context locked currently in use
故障發生兩秒後,Cisco IOS軟體會收到來自Android的重新傳輸的IKE_AUTH。該資料包將被丟棄。
Cisco IOS軟體錯誤和增強功能要求
- 思科漏洞ID CSCui46418,「IOS Ikev2 ip address sent as identity for RSA authentication.」
只要strongSwan在憑證中尋找IKEID以便執行驗證時能看到正確的使用者替代名稱(IP位址),這個錯誤就不會有問題。 - 思科錯誤ID CSCui44976,「IOS PKI錯誤地顯示X509v3擴展主題備用名稱」。
僅當使用者替代名稱中有多個IP位址時,才會發生此錯誤。僅顯示最後一個IP地址,但這不影響證書使用。整個證書都將被正確傳送和處理。 - 思科錯誤ID CSCui44783,「IOS ENH PKI能夠使用subject-alt-name擴展生成CSR。」
- 思科漏洞ID CSCui44335,「ASA ENH Certificate x509 extensions displayed.」
意見