Netgate SG-1000 microFirewall

Author Topic: IPsec fails with 'No public key found'  (Read 106 times)

0 Members and 1 Guest are viewing this topic.

Offline 1r0n1

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
IPsec fails with 'No public key found'
« on: December 25, 2017, 10:49:00 am »
Hi,

I tried to setup an IPsec connection between pfSesne and centos with strongswan. In my example the centos box is 8.8.8.8 and the pfSense is 4.4.4.4. For that I created a CA using the webgui and two certs (server.vpn.com and client.vpn.com).  The centos box is supposed to be the server and the pfsense should establish the connection. Private networks are 192.168.178.0/24 on pfsense and 10.0.0.0/24 on centos.
On my centos box the strongswan config looks like this:

Code: [Select]
conn adelheid
      left=8.8.8.8
      leftid=server.vpn.com
      leftsubnet=0.0.0.0/0
      leftcert=vpnServerCert.crt
      leftsendcert=never
      right=%any
      rightid=client.vpn.com
      rightsubnet=192.168.178.0/24
      leftfirewall=yes
      rightcert=vpnClientCert.crt
      keyexchange=ikev2
      type=tunnel
      auto=add

Using pfsense webgui the configuration was created like this:

Code: [Select]
conn con1
        fragmentation = yes
        keyexchange = ikev2
        reauth = yes
        forceencaps = no
        mobike = no

        rekey = no
        installpolicy = yes
        type = tunnel
        dpdaction = restart
        dpddelay = 10s
        dpdtimeout = 60s
        auto = route
        left = 192.168.178.246
        right = hostname.domain.tld
        leftid = fqdn:client.vpn.com
        ikelifetime = 28800s
        lifetime = 3600s
        ike = aes256-sha1-modp1024!
        esp = aes256-sha1,aes256-sha256,aes256-sha384,aes256-sha512,aes192-sha1,aes192-sha256,aes192-sha384,aes192-sha512,aes128-sha1,aes128-sha256,aes128-sha384,aes128-sha512,aes192gcm128-sha1,aes192gcm128-sha256,aes192gcm128-sha384,aes192gcm128-sha512,aes192gcm96-sha1,aes192gcm96-sha256,aes192gcm96-sha384,aes192gcm96-sha512,aes192gcm64-sha1,aes192gcm64-sha256,aes192gcm64-sha384,aes192gcm64-sha512,aes256gcm128-sha1,aes256gcm128-sha256,aes256gcm128-sha384,aes256gcm128-sha512,aes256gcm96-sha1,aes256gcm96-sha256,aes256gcm96-sha384,aes256gcm96-sha512,aes256gcm64-sha1,aes256gcm64-sha256,aes256gcm64-sha384,aes256gcm64-sha512,blowfish256-sha1,blowfish256-sha256,blowfish256-sha384,blowfish256-sha512,blowfish192-sha1,blowfish192-sha256,blowfish192-sha384,blowfish192-sha512,blowfish128-sha1,blowfish128-sha256,blowfish128-sha384,blowfish128-sha512!
        leftauth = pubkey
        rightauth = pubkey
        leftcert=/var/etc/ipsec/ipsec.d/certs/cert-1.crt
        leftsendcert=always
        rightca="/C=DE/ST=BY/L=Germering/O=Acme Inc/emailAddress=user@host.com/CN=internal-ca/"
        rightid = fqdn:server.vpn.com
        rightsubnet = 10.0.0.0/24
        leftsubnet = 192.168.178.0/24

So far so good, when starting the VPN on the centos box everything looks good until pfSense kills the connection:

Quote
Dec 25 17:27:54 server strongswan: 07[IKE] 4.4.4.4 is initiating an IKE_SA
Dec 25 17:27:54 server strongswan: 07[IKE] remote host is behind NAT
Dec 25 17:27:54 server strongswan: 07[IKE] sending cert request for "C=DE, ST=BY, L=Germering, O=Acme Inc, E=user@host.com, CN=internal-ca"
Dec 25 17:27:54 server strongswan: 07[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(HASH_ALG) N(MULT_AUTH) ]
Dec 25 17:27:54 server strongswan: 07[NET] sending packet: from 8.8.8.8[500] to 4.4.4.4[62453] (353 bytes)
Dec 25 17:27:54 server strongswan: 16[NET] received packet: from 4.4.4.4[62454] to 8.8.8.8[4500] (2860 bytes)
Dec 25 17:27:54 server strongswan: 16[ENC] parsed IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Dec 25 17:27:54 server strongswan: 16[IKE] received cert request for "C=DE, ST=BY, L=Germering, O=Acme Inc, E=user@host.com, CN=internal-ca"
Dec 25 17:27:54 server strongswan: 16[IKE] received end entity cert "C=DE, ST=BY, L=Germering, O=Acme Inc, E=user@host.com, CN=client.vpn.com"
Dec 25 17:27:54 server strongswan: 16[CFG] looking for peer configs matching 8.8.8.8[server.vpn.com]...4.4.4.4[client.vpn.com]
Dec 25 17:27:54 server strongswan: 16[CFG] selected peer config 'adelheid'
Dec 25 17:27:54 server strongswan: 16[CFG]   using trusted ca certificate "C=DE, ST=BY, L=Germering, O=Acme Inc, E=user@host.com, CN=internal-ca"
Dec 25 17:27:54 server charon: 16[IKE] received cert request for "C=DE, ST=BY, L=Germering, O=Acme Inc, E=user@host.com, CN=internal-ca"Dec 25 17:27:54 server strongswan: 16[CFG] checking certificate status of "C=DE, ST=BY, L=Germering, O=Acme Inc, E=user@host.com, CN=client.vpn.com"
Dec 25 17:27:54 server charon: 16[IKE] received end entity cert "C=DE, ST=BY, L=Germering, O=Acme Inc, E=user@host.com, CN=client.vpn.com"
Dec 25 17:27:54 server charon: 16[CFG] looking for peer configs matching 8.8.8.8[server.vpn.com]...4.4.4.4[client.vpn.com]Dec 25 17:27:54 server charon: 16[CFG] selected peer config 'adelheid'
Dec 25 17:27:54 server charon: 16[CFG]   using trusted ca certificate "C=DE, ST=BY, L=Germering, O=Acme Inc, E=user@host.com, CN=internal-ca"Dec 25 17:27:54 server charon: 16[CFG] checking certificate status of "C=DE, ST=BY, L=Germering, O=Acme Inc, E=user@host.com, CN=client.vpn.com"
Dec 25 17:27:54 server charon: 16[CFG] certificate status is not available
Dec 25 17:27:54 server charon: 16[CFG]   reached self-signed root ca with a path length of 0Dec 25 17:27:54 server charon: 16[CFG]   using trusted certificate "C=DE, ST=BY, L=Germering, O=Acme Inc, E=user@host.com, CN=client.vpn.com"
Dec 25 17:27:54 server charon: 16[IKE] authentication of 'client.vpn.com' with RSA_EMSA_PKCS1_SHA256 successful
Dec 25 17:27:54 server charon: 16[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
Dec 25 17:27:54 server charon: 16[IKE] authentication of 'server.vpn.com' (myself) with RSA_EMSA_PKCS1_SHA256 successful
Dec 25 17:27:54 server charon: 16[IKE] IKE_SA adelheid[2] established between 8.8.8.8[server.vpn.com]...4.4.4.4[client.vpn.com]
Dec 25 17:27:54 server charon: 16[IKE] scheduling reauthentication in 10122s
Dec 25 17:27:54 server charon: 16[IKE] maximum IKE_SA lifetime 10662s
Dec 25 17:27:54 server charon: 16[IKE] CHILD_SA adelheid{1} established with SPIs ce7228dc_i c6295052_o and TS 10.0.0.0/24 === 192.168.178.0/24
Dec 25 17:27:54 server vpn: + client.vpn.com 192.168.178.0/24 == 4.4.4.4 -- 8.8.8.8 == 10.0.0.0/24
Dec 25 17:27:54 server charon: 16[ENC] generating IKE_AUTH response 1 [ IDr AUTH SA TSi TSr N(AUTH_LFT) ]
Dec 25 17:27:54 server charon: 16[NET] sending packet: from 8.8.8.8[4500] to 4.4.4.4[62454] (476 bytes)
Dec 25 17:27:54 server charon: 06[NET] received packet: from 4.4.4.4[62454] to 8.8.8.8[4500] (76 bytes)
Dec 25 17:27:54 server charon: 06[ENC] parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Dec 25 17:27:54 server charon: 06[IKE] received DELETE for IKE_SA adelheid[2]
Dec 25 17:27:54 server charon: 06[IKE] deleting IKE_SA adelheid[2] between 8.8.8.8[server.vpn.com]...4.4.4.4[client.vpn.com]
Dec 25 17:27:54 server charon: 06[IKE] IKE_SA deleted
Dec 25 17:27:54 server vpn: - client.vpn.com 192.168.178.0/24 == 4.4.4.4 -- 8.8.8.8 == 10.0.0.0/24
Dec 25 17:27:54 server charon: 06[ENC] generating INFORMATIONAL response 2 [ ]
Dec 25 17:27:54 server charon: 06[NET] sending packet: from 8.8.8.8[4500] to 4.4.4.4[62454] (76 bytes)

Now on pfsense the connection is killed because pfSense seems not to trust the certificate for server.vpn.com:

Quote
Dec 25 17:27:53 charon          10[IKE] <con1|14> IKE_SA con1[14] state change: CREATED => CONNECTING
Dec 25 17:27:53 charon          10[CFG] <con1|14> configured proposals: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Dec 25 17:27:53 charon          10[CFG] <con1|14> sending supported signature hash algorithms: sha1 sha256 sha384 sha512 identity
Dec 25 17:27:53 charon          10[ENC] <con1|14> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Dec 25 17:27:53 charon          10[NET] <con1|14> sending packet: from 192.168.178.246[500] to 8.8.8.8[500] (338 bytes)
Dec 25 17:27:54 charon          10[NET] <con1|14> received packet: from 8.8.8.8[500] to 192.168.178.246[500] (353 bytes)
Dec 25 17:27:54 charon          10[ENC] <con1|14> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(HASH_ALG) N(MULT_AUTH) ]
Dec 25 17:27:54 charon          10[IKE] <con1|14> received SIGNATURE_HASH_ALGORITHMS notify
Dec 25 17:27:54 charon          10[CFG] <con1|14> selecting proposal:
Dec 25 17:27:54 charon          10[CFG] <con1|14> proposal matches
Dec 25 17:27:54 charon          10[CFG] <con1|14> received proposals: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Dec 25 17:27:54 charon          10[CFG] <con1|14> configured proposals: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Dec 25 17:27:54 charon          10[CFG] <con1|14> selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Dec 25 17:27:54 charon          10[CFG] <con1|14> received supported signature hash algorithms: sha1 sha256 sha384 sha512
Dec 25 17:27:54 charon          10[IKE] <con1|14> local host is behind NAT, sending keep alives
Dec 25 17:27:54 charon          10[IKE] <con1|14> received cert request for "C=DE, ST=BY, L=Germering, O=Acme Inc, E=user@host.com, CN=internal-ca"
Dec 25 17:27:54 charon          10[IKE] <con1|14> reinitiating already active tasks
Dec 25 17:27:54 charon          10[IKE] <con1|14> IKE_CERT_PRE task
Dec 25 17:27:54 charon          10[IKE] <con1|14> IKE_AUTH task
Dec 25 17:27:54 charon          10[IKE] <con1|14> sending cert request for "C=DE, ST=BY, L=Germering, O=Acme Inc, E=user@host.com, CN=internal-ca"
Dec 25 17:27:54 charon          10[IKE] <con1|14> authentication of 'client.vpn.com' (myself) with RSA_EMSA_PKCS1_SHA2_256 successful
Dec 25 17:27:54 charon          10[IKE] <con1|14> sending end entity cert "C=DE, ST=BY, L=Germering, O=Acme Inc, E=user@host.com, CN=client.vpn.com"
Dec 25 17:27:54 charon          10[CFG] <con1|14> proposing traffic selectors for us:
Dec 25 17:27:54 charon          10[CFG] <con1|14> 192.168.178.0/24|/0
Dec 25 17:27:54 charon          10[CFG] <con1|14> proposing traffic selectors for other:
Dec 25 17:27:54 charon          10[CFG] <con1|14> 10.0.0.0/24|/0
Dec 25 17:27:54 charon          10[CFG] <con1|14> configured proposals: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_384_192/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_512_256/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA1_96/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_384_192/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_512_256/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_384_192/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_512_256/NO_EXT_SEQ, ESP:AES_GCM_16_192/NO_EXT_SEQ, ESP:AES_GCM_12_192/NO_EXT_SEQ, ESP:AES_GCM_8_192/NO_EXT_SEQ, ESP:AES_GCM_16_256/NO_EXT_SEQ, ESP:AES_GCM_12_256/NO_EXT_SEQ, ESP:AES_GCM_8_256/NO_EXT_SEQ, ESP:BLOWFISH_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ, ESP:BLOWFISH_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ, ESP:BLOWFISH_CBC_256/HMAC_SHA2_384_192/NO_EXT_SEQ, ESP:BLOWFISH_CBC_256/HMAC_SHA2_512_256/NO_EXT_SEQ, ESP:BLOWFISH_CBC_192/HMAC_SHA1_96/NO
Dec 25 17:27:54 charon          10[IKE] <con1|14> establishing CHILD_SA con1{20}
Dec 25 17:27:54 charon          10[ENC] <con1|14> generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Dec 25 17:27:54 charon          10[NET] <con1|14> sending packet: from 192.168.178.246[4500] to 8.8.8.8[4500] (2860 bytes)
Dec 25 17:27:54 charon          08[NET] <con1|14> received packet: from 8.8.8.8[4500] to 192.168.178.246[4500] (476 bytes)
Dec 25 17:27:54 charon          08[ENC] <con1|14> parsed IKE_AUTH response 1 [ IDr AUTH SA TSi TSr N(AUTH_LFT) ]
Dec 25 17:27:54 charon          08[IKE] <con1|14> no trusted RSA public key found for 'server.vpn.com'
Dec 25 17:27:54 charon          08[ENC] <con1|14> generating INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Dec 25 17:27:54 charon          08[NET] <con1|14> sending packet: from 192.168.178.246[4500] to 8.8.8.8[4500] (76 bytes)
Dec 25 17:27:54 charon          08[CHD] <con1|14> CHILD_SA con1{20} state change: CREATED => DESTROYING
Dec 25 17:27:54 charon          08[IKE] <con1|14> IKE_SA con1[14] state change: CONNECTING => DESTROYING

The key message being these two lines:

Quote
Dec 25 17:27:54 charon          08[IKE] <con1|14> no trusted RSA public key found for 'server.vpn.com'
Dec 25 17:27:54 charon          08[ENC] <con1|14> generating INFORMATIONAL request 2 [ N(AUTH_FAILED) ]

I though because both certificates were created using pfSense's CA the certificate for server.vpn.com would be trusted. But this seems not to be the case. Can anybody point me in the right direction?