Strongswan

iPhone 使用者不連接 StrongSwan VPN,而 Android 和 Windows 10 使用者可以?

  • June 15, 2021

我有一個 StrongSwan VPN,由於某種我不知道的原因,它無法將 iOS 使用者連接到我的 VPN 伺服器。

一些快速說明:

  • 我的 StrongSwan 伺服器是連接到我的網路的 VPN 客戶端的前端。我用於WireGuard我的後端站點到站點路由。
  • 所有 StrongSwan VPN 使用者都經過FreeRadius伺服器驗證。
  • StrongSwan 客戶端在子網上被分配一個 IP 192.168.201.0/24,而 WireGuard 主幹網路在192.168.200.0/24子網上執行。
  • 所有客戶端也都獲得了一個公共 IPv6 地址,該地址屬於分配給我的 /48 子網。

我在 Ubuntu 20.04 上執行 StrongSwan,我的配置文件位於該/etc/swanctl/config/文件夾中,由於文件名以.conf.

內容如下:

# Default VPN server settings for all connections
conn-defaults {
   local_addrs = PUBLIC_IPV4, PUBLIC_IPV6

   local {
     auth = pubkey
     certs = vpn-ecdsa.cer
     id = vpn.example.com
   }

   version = 2
   send_certreq = no
   send_cert = always
   unique = never
   fragmentation = yes
   encap = yes
   dpd_delay = 60s

   rekey_time = 0s
}

# Default login method
eap-defaults {
 remote {
  auth = eap-radius
  id = %any
  eap_id = %any
 }
}

connections
{
 # Generic Android configuration that is extended further down.
 #
 # Works with StrongSwan VPN client for Android
 conn-unix : conn-defaults, eap-defaults {
   children {
     net {
       local_ts = 0.0.0.0/0, ::/0
     }

     net-unix : child-defaults {
     }

     esp_proposals = aes128gcm128-x25519
   }

   proposals = aes128-sha256-x25519
 }

 # All Windows klients matches this rule as username validation 
 # is done by 'eap_start = yes' in strongswan.conf. 
 #
 # Works with Windows 10 built-in VPN client.
 conn-windows : conn-defaults, eap-defaults {
   children {
     net {
       local_ts = 0.0.0.0/0, ::/0
     }

     esp_proposals = aes256-sha256-prfsha256-modp1024
   }

   proposals = aes256-sha256-prfsha256-modp1024
   pools = IkeVPN-site-ipv4, IkeVPN-site-ipv6

 }

 # A very similar configuration to Windows clients 
 # configuration, except iOS uses 2048 bit keys, 
 # while Windows uses 1024 bit keys.
 #
 # Does NOT work in its current state.
 conn-ios : conn-defaults, eap-defaults {
   children {
     net {
       local_ts = 0.0.0.0/0, ::/0
     }

     esp_proposals = aes256-sha2_256
     pools = IkeVPN-site-ipv4, IkeVPN-site-ipv6

   }

   proposals = aes256-sha256-prfsha256-modp2048
 }

 # Android users is matched against this connection as they are 
 # running the app StrongSwan VPN client. Username is passed in the
 # 'id' field to StrongSwan VPN server.
 conn-unix-site : connections.conn-unix {
   remote {
     id = *@site.example.com
   }
   pools = IkeVPN-site-ipv4, IkeVPN-site-ipv6
 }
}

pools
{
  IkeVPN-site-ipv4 {
     addrs = 192.168.201.0/24
     dns = 192.168.200.1
  }

  IkeVPN-site-ipv6 {
     addrs = 2001:db8:cafe::/97
     dns = 2001:db8::1
  }
}

我的配置是使用以下網頁給出的結構創建的:

https://wiki.strongswan.org/projects/strongswan/wiki/Strongswanconf#Referencing-other-Sections

我使用它的原因是避免在我的所有連接配置文件中重複相同的配置設置。

如果您不熟悉此設置,conn-ios則應將以下配置視為等效:

conn-ios {
  # Obtained from conn-default
  local_addrs = PUBLIC_IPV4, PUBLIC_IPV6

  local {
     auth = pubkey
     certs = vpn-ecdsa.cer
     id = vpn.example.com
  }

  version = 2
  send_certreq = no
  send_cert = always
  unique = never
  fragmentation = yes
  encap = yes
  dpd_delay = 60s

  rekey_time = 0s

  # Obtained from eap-defaults
  remote {
     auth = eap-radius
     id = %any
     eap_id = %any
  }

  # Obtained from original conn-ios profile above.
  children {
     net {
        local_ts = 0.0.0.0/0, ::/0
     }

     esp_proposals = aes256-sha2_256
     pools = IkeVPN-site-ipv4, IkeVPN-site-ipv6
  }

  proposals = aes256-sha256-prfsha256-modp2048
}

conn-default節中列出的伺服器證書是使用 Acme.sh 從 Let’s Encrypt 獲得的 ECDSA 證書。

proposalsiOS 配置中的加密值esp_proposals取自https://wiki.strongswan.org/projects/strongswan/wiki/AppleClients中的提示。

在測試 Android 或 Windows 使用者的所有組合時,連接沒有任何問題,但是當有人嘗試使用 iPhone 登錄時,連接就會停止。

iPhone嘗試連接時的日誌輸出如下:

10[IKE] CLIENT_IPV4 is initiating an IKE_SA
10[CFG] received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1536, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
10[CFG] configured proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
10[IKE] no matching proposal found, trying alternative config
10[CFG] received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1536, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
10[CFG] configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024
10[IKE] no matching proposal found, trying alternative config
10[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
10[IKE] remote host is behind NAT
10[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
10[NET] sending packet: from PUBLIC_IPV4[500] to CLIENT_IPV4[6452] (456 bytes)
06[NET] received packet: from CLIENT_IPV4[13549] to PUBLIC_IPV4[4500] (512 bytes)
06[ENC] unknown attribute type INTERNAL_DNS_DOMAIN
06[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr CPRQ(ADDR MASK DHCP DNS ADDR6 DHCP6 DNS6 DOMAIN) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr N(MOBIKE_SUP) ]
06[CFG] looking for peer configs matching PUBLIC_IPV4[vpn.example.com]...CLIENT_IPV4[PRIVATE_CLASS_A_ADDRESS]
06[CFG] selected peer config 'conn-ios'
06[IKE] initiating EAP_IDENTITY method (id 0x00)
06[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
06[IKE] peer supports MOBIKE
06[IKE] authentication of 'vpn.example.com' (myself) with ECDSA-256 signature successful
06[IKE] sending end entity cert "CN=vpn.example.com"
06[IKE] sending issuer cert "C=US, O=Let's Encrypt, CN=R3"
06[ENC] generating IKE_AUTH response 1 [ IDr CERT CERT AUTH EAP/REQ/ID ]
06[ENC] splitting IKE message (2816 bytes) into 3 fragments
06[ENC] generating IKE_AUTH response 1 [ EF(1/3) ]
06[ENC] generating IKE_AUTH response 1 [ EF(2/3) ]
06[ENC] generating IKE_AUTH response 1 [ EF(3/3) ]
06[NET] sending packet: from PUBLIC_IPV4[4500] to CLIENT_IPV4[13549] (1236 bytes)
06[NET] sending packet: from PUBLIC_IPV4[4500] to CLIENT_IPV4[13549] (1236 bytes)
06[NET] sending packet: from PUBLIC_IPV4[4500] to CLIENT_IPV4[13549] (500 bytes)
11[JOB] deleting half open IKE_SA with CLIENT_IPV4 after timeout

iPhone 使用者使用以下設置使用內置 VPN 客戶端進行連接:

  • 類型 IKEv2
  • 描述:VPN伺服器
  • 伺服器:vpn.example.com
  • 遠端 ID:vpn.example.com
  • 本地標識:空白
  • 使用者名和密碼驗證。
  • 使用者名:user@site.example.com
  • 密碼:ItIsASecret

有誰知道為什麼 iOS 使用者在載入conn-ios配置文件時連接會停止?

更新 我們起飛了!:-)

根據@ecdsa 的建議,我已將證書切換為 2048 位 RSA 證書。

我的 Radius 伺服器被呼叫。使用者身份驗證成功,客戶端獲得分配 IP 地址。我很開心。:-)

conn-ios現在的配置是:

 conn-ios : conn-defaults, eap-defaults {

   # Overriding defaults from 'conn-default'
   local {
     auth = pubkey
     certs = vpn-rsa.cer
     id = vpn.example.com
   }

   children {
     net {
       local_ts = 0.0.0.0/0, ::/0
     }

     esp_proposals = aes256-sha256
   }

   pools = IkeVPN-site-ipv4, IkeVPN-site-ipv6
   proposals = aes256-sha256-prfsha256-modp2048
 }

其他一切都與我的初始配置一樣。

正如我們在日誌中看到的,客戶端不支持RFC 7427(否則,雜湊算法通知將在 期間交換IKE_SA_INIT),它定義了靈活的基於簽名的身份驗證。

雖然 IKEv2 也支持沒有該擴展的 ECDSA,但RFC 4754只增加了對它的有限支持(只能使用三個 NIST 曲線,並且每個曲線都分配了特定的雜湊算法)。因此,如果在配置文件中明確配置,Apple 客戶端可能只接受/使用 ECDSA 有一個選項CertificateType可以設置為 eg ECDSA256)。

如果使用配置文件不是一個選項,唯一的選擇是使用RSA 伺服器證書,至少在 Apple 在其 IKEv2 客戶端中實現對 RFC 7427 的支持之前。

引用自:https://serverfault.com/questions/1066598