IPsec
Contents
-
IPsec
- About
-
Definitions
- Internet Protocol Security (IPsec)
- Security Parameter Index (SPI)
- Keyed-Hash Message Authentication Code (HMAC)
- Security association (SA)
- Authentication Headers (AH)
- Encapsulating Security Payloads (ESP)
- The OAKLEY Key Determination Protocol
- Internet Security Association and Key Management Protocol (ISAKMP)
- Internet Key Exchange (IKE)
- Common Abbreviations
- IPsec Parameters
- Diffie-Hellman-Groups
- Strongswan
About
NIST Special Publication 800-77 (Revision 1) - Guide to IPsec VPNs
NIST Special Publication 800-77 (Revision 1) - Guide to IPsec VPNs
Definitions
Internet Protocol Security (IPsec)
In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts the packets of data sent over an Internet Protocol network. It is used in virtual private networks (VPNs).
IPsec includes protocols for establishing mutual authentication between agents at the beginning of a session and negotiation of cryptographic keys to use during the session. IPsec can protect data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host). Internet Protocol security (IPsec) uses cryptographic security services to protect communications over Internet Protocol (IP) networks. IPsec supports network-level peer authentication, data-origin authentication, data integrity, data confidentiality (encryption), and replay protection.
The initial IPv4 suite was developed with few security provisions. As a part of the IPv4 enhancement, IPsec is a layer 3 OSI model or internet layer end-to-end security scheme, while some other Internet security systems in widespread use operate above layer 3, such as Transport Layer Security (TLS) and Secure Shell (SSH), both of which operate at the Transport layer. IPsec can automatically secure applications at the IP layer.
Security Parameter Index (SPI)
IETF: RFC 2401 Security Architecture for the Internet Protocol
- Obsoleted by: RFC4301
IETF: RFC 4301 Security Architecture for the Internet Protocol
SPI RFC 2401: The Security Parameter Index (SPI) is an identification tag added to the header while using IPsec for tunneling the IP traffic. This tag helps the kernel discern between two traffic streams where different encryption rules and algorithms may be in use.
The SPI (as per RFC 2401) is a required part of an IPsec Security Association (SA) because it enables the receiving system to select the SA under which a received packet will be processed. An SPI has only local significance, since it is defined by the creator of the SA; an SPI is generally viewed as an opaque bit string. However, the creator of an SA may interpret the bits in an SPI to facilitate local processing.
This works like port numbers in TCP and UDP connections. What it means is that there could be different SAs used to provide security to one connection. An SA could therefore act as a set of rules.
Carried in Encapsulating Security Payload (ESP) header or Authentication Header (AH), its length is 32 bits.
Keyed-Hash Message Authentication Code (HMAC)
Wikipedia EN: Keyed-Hash Message Authentication Code
In cryptography, an HMAC (sometimes expanded as either keyed-hash message authentication code or hash-based message authentication code) is a specific type of message authentication code (MAC) involving a cryptographic hash function and a secret cryptographic key. It may be used to simultaneously verify both the data integrity and the authenticity of a message, as with any MAC. Any cryptographic hash function, such as SHA-256 or SHA-3, may be used in the calculation of an HMAC; the resulting MAC algorithm is termed HMAC-X, where X is the hash function used (e.g. HMAC-SHA256 or HMAC-SHA3). The cryptographic strength of the HMAC depends upon the cryptographic strength of the underlying hash function, the size of its hash output, and the size and quality of the key.
Security association (SA)
Wikipedia EN: Security association
A security association (SA) is the establishment of shared security attributes between two network entities to support secure communication. An SA may include attributes such as: cryptographic algorithm and mode; traffic encryption key; and parameters for the network data to be passed over the connection. The framework for establishing security associations is provided by the Internet Security Association and Key Management Protocol (ISAKMP). Protocols such as Internet Key Exchange (IKE) and Kerberized Internet Negotiation of Keys (KINK) provide authenticated keying material.
Authentication Headers (AH)
Wikipedia EN: Authentication Headers
Authentication Headers (AH) provides connectionless data integrity and data origin authentication for IP datagrams and provides protection against replay attacks.
Encapsulating Security Payloads (ESP)
Wikipedia EN: IPsec - Encapsulating Security Payloads
Encapsulating Security Payloads (ESP) provides confidentiality, connectionless data integrity, data-origin authentication, an anti-replay service (a form of partial sequence integrity), and limited traffic-flow confidentiality.[1]
The OAKLEY Key Determination Protocol
The Oakley Key Determination Protocol is a key-agreement protocol that allows authenticated parties to exchange secret keying material across an insecure connection using the Diffie–Hellman key exchange algorithm. The protocol was proposed by Hilarie K. Orman in 1998, and formed the basis for the more widely used Internet Key Exchange protocol.
The OAKLEY protocol supports Perfect Forward Secrecy, compatibility with the ISAKMP protocol for managing security associations, user- defined abstract group structures for use with the Diffie-Hellman algorithm, key updates, and incorporation of keys distributed via out-of-band mechanisms.
The Oakley protocol has also been implemented in Cisco Systems' ISAKMP daemon.
Internet Security Association and Key Management Protocol (ISAKMP)
Wikipedia EN: Internet Security Association and Key Management Protocol
Internet Security Association and Key Management Protocol (ISAKMP) is a protocol defined by RFC 2408 for establishing Security association (SA) and cryptographic keys in an Internet environment. ISAKMP only provides a framework for authentication and key exchange and is designed to be key exchange independent; protocols such as Internet Key Exchange (IKE) and Kerberized Internet Negotiation of Keys (KINK) provide authenticated keying material for use with ISAKMP. For example: IKE describes a protocol using part of Oakley and part of SKEME in conjunction with ISAKMP to obtain authenticated keying material for use with ISAKMP, and for other security associations such as AH and ESP for the IETF IPsec DOI (Domain of Interest).
Internet Key Exchange (IKE)
Internet Standard, published as RFC 7296 in October 2014.
Wikipedia EN: Internet Key Exchange
In computing, Internet Key Exchange (IKE, sometimes IKEv1 or IKEv2, depending on version) is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP. IKE uses X.509 certificates for authentication ‒ either pre-shared or distributed using DNS (preferably with DNSSEC) ‒ and a Diffie–Hellman key exchange to set up a shared session secret from which cryptographic keys are derived. In addition, a security policy for every peer which will connect must be manually maintained.
IKEv1
- Port: udp/500
Understanding IPSec IKEv1 negotiation on Wireshark
Modes
- Main mode
- Packages exchanged: 6
- Provides identity protection, because its transfered when
- Usage for:
- S2S VPNs with static IPs and Pre-Shared Keys
- Aggressive mode:
- Packages exchanged: 3
- reduced number of round-trips but no identity protection.
- It should also be noted that using public key encryption to authenticate an Aggressive Mode exchange will still provide identity protection.
- Usage for:
S2S/Remote Access VPNs with dynamic IPs and PubKey-Auth
IKEv2
- Port:
- udp/500 (first 2 to 4 packets IKE_SA_INIT)
- udp/4500 (2 packets IKE_AUTH, QUICK MODE and payload)
Differences between IKEv2 and IKEv1
- No modes
- May be used with dynamic IP addresses (MOBIKE) for IKEv2 and ESP, where IKEv1 is inappropriate
- Faster connection establishment than IKEv1
- 4 messages initial exchange mechanism with IKEv2 (with matching ENCR/HMAC/DH-GROUP)
- 8 messages initial exchange mechanism with IKEv1
- Fewer cryptographic mechanisms
-> simpler implementation -> better certification of implementation (Common Criteria, FIPS 140-2).
- Support for SCTP as used in VoIP
- More stable connections than IKEv1
- Usage of NAT-Traversal (udp/4500) for IKE and ESP
- Improved Reliability and State management
- IKEv2 uses sequence numbers and acknowledgments
- IKEv1 only has Deap-Peer-Detection (DPD), which was never standardized (RFC3706???)
- Better Denial of Service (DoS) attack resilience
- Fewer expensive operations until requester is authenticated
- No longer exchanges cookies to avoid DoS
Source: Wikipedia EN: IKEv2 Improvements
Common Abbreviations
- Domain of Interest (DOI)
- Pre-Shared Key (PSK)
- Pseudo-Random Functions (PRF)
- Security Association Database (SADB)
- Site-to-site (S2S)
IPsec Parameters
A table to assist negotiation of IPsec parameters for S2S-VPNs with your partner.
Parameter |
Site A |
Site B |
Device |
OpnSense |
OpnSense |
Redundancy |
active/passive |
active/passive |
Phase 1 |
||
Internet Protocol |
v4 |
v4 |
Initiator-FQDN |
hname.domain.tld |
hname.domain2.tld |
Initiator-Address |
w.x.y.z |
a.b.c.d |
Connection Establishment |
allowed |
allowed |
ISAKMP-Protocol |
v2 |
v2 |
Mode (ISAKMP v1 Phase 1) |
Main |
Main |
NAT-Traversal |
Enabled |
Enabled |
Keep-Alive Interval |
20s |
20s |
Authentication Method |
Pre-Shared Keys (PSK) |
Pre-Shared Keys (PSK) |
Cipher |
AES-256-CBC, |
AES-256-CBC, |
HMAC |
SHA-2 256, |
SHA-2 256, |
Perfect Forward Secrecy (PFS) |
Enabled |
Enabled |
Diffie-Hellman-Group (DH-Group) |
15 (modp 3072) |
15 (modp 3072) |
Lifetime |
28800s (8h) |
28800s (8h) |
Lifesize |
8589934592Byte (8GiB) |
8589934592Byte (8GiB) |
Dead Peer Detection (DPD) |
Enabled |
Enabled |
Traffic Idle Timeout |
20 |
20 |
Maximum Retries |
5 |
5 |
Phase 2 |
||
IPSec-Protocol |
Encapsulating Security Payload (ESP), |
Encapsulating Security Payload (ESP), |
Cipher |
AES-256-gcm (Galois/Counter Mode), |
AES-256-gcm (Galois/Counter Mode), |
HMAC |
HMAC-SHA-256-128, |
HMAC-SHA-256-128, |
IPsec Lifetime |
3600s (1h) |
3600s (1h) |
Perfect Forward Secrecy (PFS) |
Enabled |
Enabled |
Diffie-Hellman-Group |
15 (modp 3072) |
15 (modp 3072) |
Local Networks (NATTED) |
192.168.0.0/24 (172.31.255.0/24) |
192.168.1.0/24 |
Idle Shutdown Timeout |
300s |
300s |
Access Control Lists (ACLs) via a separate Communication Matrix, which also contains the mapping of the IP-addresses to their NAT-addresses.
Diffie-Hellman-Groups
- ECP
- elliptic curve groups modulo a prime
- elliptic curve group over GF[P]
- EC2N
- elliptic curve group over GF[2^N])
- GF
- galois field
- MODP
- modular exponential
IETF RFC3526 - More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)
IETF RFC5114 - Additional Diffie-Hellman Groups for Use with IETF Standards
Group |
Lenght |
Type |
Standard |
Comment |
1 |
768-bit |
MODP group |
RFC2409 |
deprecated |
2 |
1024-bit |
MODP group |
RFC2409 |
deprecated |
3 |
155-bit |
EC2N group |
RFC2409 |
deprecated |
4 |
185-bit |
EC2N group |
RFC2409 |
deprecated |
5 |
1536-bit |
MODP group |
RFC3526 |
deprecated |
14 |
2048-bit |
MODP group |
RFC3526 |
deprecated 2022 |
15 |
3072-bit |
MODP group |
RFC3526 |
|
16 |
4096-bit |
MODP group |
RFC3526 |
|
17 |
6144-bit |
MODP group |
RFC3526 |
|
18 |
8192-bit |
MODP group |
RFC3526 |
|
19 |
256-bit |
random ECP group |
RFC5114 |
|
20 |
384-bit |
random ECP group |
RFC5114 |
|
21 |
521-bit |
random ECP group |
RFC5114 |
|
22 |
1024-bit |
MODP group with 160-bit Prime Order Subgroup |
RFC5114 |
|
23 |
2048-bit |
MODP group with 224-bit Prime Order Subgroup |
RFC5114 |
|
24 |
2048-bit |
MODP group with 256-bit Prime Order Subgroup |
RFC5114 |
|
25 |
192-bit |
random ECP group |
RFC5114 |
|
26 |
224-bit |
random ECP group |
RFC5114 |
|
31 |
256-bit |
random ECP group (EC25519) |
|
djb |
Strongswan
About
Installation
This is probably sufficient.
1 aptitude install strongswan charon-systemd
Please make sure to have a recent version of libgrypt20 installed or swanctl or its plugins will complain.
These were the packages installed (Debian Buster/Sid). Please mind the literal Tab-Character (Ctrl+v Tab) as the column seperator.
1 i M charon-cmd - standalone IPsec client
2 i M charon-systemd - strongSwan IPsec client, systemd support
3 i A libcharon-extauth-plugins - strongSwan charon library (extended authentication plugins)
4 i A libcharon-extra-plugins - strongSwan charon library (extra plugins)
5 i A libgcrypt20 - LGPL Crypto library - runtime library
6 i A libgcrypt20:i386 - LGPL Crypto library - runtime library
7 i A libstrongswan - strongSwan utility and crypto library
8 i A libstrongswan-extra-plugins - strongSwan utility and crypto library (extra plugins)
9 i A libstrongswan-standard-plugins - strongSwan utility and crypto library (standard plugins)
10 i A network-manager - network management framework (daemon and userspace tools)
11 i M network-manager-config-connectivity-debian - NetworkManager configuration to enable connectivity checking
12 i M network-manager-fortisslvpn - network management framework (Fortinet SSLVPN plugin core)
13 i M network-manager-fortisslvpn-gnome - network management framework (Fortinet SSLVPN plugin GNOME GUI)
14 i A network-manager-gnome - network management framework (GNOME frontend)
15 i M network-manager-iodine - network management framework (iodine plugin core)
16 i M network-manager-iodine-gnome - network management framework (iodine plugin GNOME GUI)
17 i M network-manager-l2tp - network management framework (L2TP plugin core)
18 i M network-manager-l2tp-gnome - network management framework (L2TP plugin GNOME GUI)
19 i M network-manager-openconnect - network management framework (OpenConnect plugin core)
20 i M network-manager-openconnect-gnome - network management framework (OpenConnect plugin GNOME GUI)
21 i M network-manager-openvpn - network management framework (OpenVPN plugin core)
22 i M network-manager-openvpn-gnome - network management framework (OpenVPN plugin GNOME GUI)
23 i M network-manager-pptp - network management framework (PPTP plugin core)
24 i M network-manager-pptp-gnome - network management framework (PPTP plugin GNOME GUI)
25 i M network-manager-ssh - network management framework (SSH plugin core)
26 i A network-manager-ssh-gnome - network management framework (SSH plugin GNOME GUI)
27 i M network-manager-strongswan - network management framework (strongSwan plugin)
28 i M network-manager-vpnc - network management framework (VPNC plugin core)
29 i M network-manager-vpnc-gnome - network management framework (VPNC plugin GNOME GUI)
30 i M strongswan - IPsec VPN solution metapackage
31 i A strongswan-charon - strongSwan Internet Key Exchange daemon
32 i A strongswan-libcharon - strongSwan charon library
33 i A strongswan-nm - strongSwan plugin to interact with NetworkManager
34 i A strongswan-starter - strongSwan daemon starter and configuration file parser
35 i A strongswan-swanctl - strongSwan IPsec client, swanctl command
auto
Strongswan's auto directive is quite interesting.
auto = ignore | add | route | start
- what operation, if any, should be done automatically at IPsec startup;
- currently-accepted values are add, route, start and ignore (the default).
add loads a connection without starting it.
route loads a connection and installs kernel traps. If traffic is detected between leftsubnet and rightsubnet, a connection is established.
start loads a connection and brings it up immediately.
ignore ignores the connection. This is equal to deleting a connection from the config file.
- Relevant only locally, other end need not agree on it.
auto |
load |
routes |
up |
description |
add |
✓ |
✗ |
✗ |
respond-only |
route |
✓ |
✓ |
✗ |
on-traffic |
start |
✓ |
✗ |
✓ |
immeadiatly (without routes) |
ignore |
✗ |
✗ |
✗ |
as if not existent |
I personally would have expected the start option to also set the routes but it doesn't.
You can bring up the routes with
ipsec route con1
IPsec client for LANCOM VPN
TLDR;
Solved, works, but …
- won't work with current network-manager and e.g. plasma-nm.
- Hell, figuring out the setup was quite frustrating.
Motivation
- No Lancom Client for Linux.
- No Android-Client, only Apple iOS "myVPN".
- Shrewsoft Client has not been refreshed since 2013.
- So i need to figure out, how Lancom implementation may be used with some decent, modern client.
LanConfig INI
LanConfig exports a INI-style configuration file, which can be imported into "myVPN" for Apple iOS or the Windows Client. I used it as a source for strongswan configuration.
1 # I just tried to find out what this config means -
2 # hopefully it's of some worth for you.
3 #
4 # I was forced to guess some values and
5 # completed others with information fron this pages:
6 # * https://www.lancom-systems.de/docs/LCOS/referenzhandbuch/topics/aa1069618.html
7 # * ftp://ftp.bintec-elmeg.com/Software/IPSec-Client/doku/fec-secure-client_parameter_de.txt
8 # * ftp://ftp.bintec-elmeg.com/Software/IPSec-Client/doku/fec-secure-client_parameter_en.txt
9 # The LANCOM-Client could be derived from bintec-elmeg Secure Client.
10 # * ftp://ftp.bintec-elmeg.com/Software/IPSec-Client/doku/old_versions/ipsec-client_manual_v20_de.pdf
11 # * ftp://ftp.bintec-elmeg.com/Software/IPSec-Client/doku/old_versions/ipsec-client_manual_v20_en.pdf
12 #
13 # We'll some criticism:
14 # bad docs
15 # + bad portability (only for Mac und Windows)
16 # + Security by Obscurity: "Sicherheit dank eigenem Closed-Source-Betriebssystem"
17 # = SCARY
18
19 [PROFILE1]
20 # Parameter: Profile name
21 # Key: Name
22 # Type: String
23 # Values: String with max. 39 characters
24 # Default: Name must be configured
25 Name=Company-IKEV2_USER1
26
27 # Parameter: Communication media
28 # Key: ConnMedia
29 # Type: Integer
30 # Values: 0 = ISDN
31 # 4 = Modem
32 # 8 = LAN / WLAN (over IP)
33 # 10 = xDSL (PPPoE)
34 # 14 = xDSL (AVM - PPP over CAPI)
35 # 15 = Ext. Dialer
36 # 16 = PPTP
37 # 18 = GPRS/UMTS
38 # Default: ISDN
39 ConnMedia=21
40
41 # Parameter: Connection Mode
42 # Key: ConnMode
43 # Type: Integer
44 # Values: 0 = manual
45 # 1 = automatic
46 # 2 = variable
47 # Default: manual
48 ConnMode=0
49
50 ### Completely guessed
51 # Parameter: Seamless Roaming
52 # Schlüssel: SeamRoaming
53 # Typ: Integer
54 # Werte: 0 = Off
55 # 1 = On
56 # Default: Off
57 SeamRoaming=1
58
59 ### Completely guessed
60 # Parameter: Prioritize Voice over IP
61 # Schlüssel: PriVoIP
62 # Typ: Integer
63 # Werte: 0 = Off
64 # 1 = On
65 # Default: Off
66 PriVoIP=1
67
68 # Parameter: Gateway
69 # Key: Gateway
70 # Type: String
71 # Values: IP address or string with max. 254 characters
72 # Default: 0.0.0.0
73 Gateway=ip.add.re.ss
74
75 # Parameter: PFS group
76 # Key: PFS
77 # Type: Integer
78 # Values: 0 = None
79 # 1 = DH-Group 1 (768 Bit)
80 # 2 = DH-Group 2 (1024 Bit)
81 # 5 = DH-Group 5 (1536 Bit)
82 # Default: None
83 # Guessed values:
84 # 1 = DH-Group 1 (768-Bit Modulus)
85 # 2 = DH-Group 2 (1024-Bit Modulus)
86 # 5 = DH-Group 5 (1536-Bit Modulus)
87 # 14 = DH-Group 14 (2048-Bit Modulus)
88 # 15 = DH-Group 15 (3072-Bit Modulus)
89 # 16 = DH-Group 16 (4096-Bit Modulus)
90 # 19 = DH-Group 19 (256-bit random ECP group)
91 # 20 = DH-Group 20 (384-bit random ECP group)
92 # 21 = DH-Group 21 (521-bit random ECP group)
93 # 28 = DH-Group 28 (brainpoolP256r1)
94 # 29 = DH-Group 29 (brainpoolP384r1)
95 # 30 = DH-Group 30 (brainpoolP512r1)
96 PFS=14
97
98 # Parameter: Use IP compression
99 # Key: UseComp
100 # Type: Integer
101 # Values: 0 = Off
102 # 1 = On
103 # Default: Off
104 UseComp=0
105
106 # Parameter: Local identity - type
107 # Key: IkeIdType
108 # Type: Integer
109 # Values: 1 = IP Address
110 # 2 = Fully Qualified Domain Name
111 # 3 = Fully Qualified Username
112 # 4 = IP Subnet Address
113 # 9 = ASN1 Distinguished Name
114 # 10 = ASN1 Group Name
115 # 11 = Free string used to identify groups
116 # Default: IP Address
117 IkeIdType=3
118
119 # Parameter: Local identity - ID
120 # Key: IkeIdStr
121 # Type: String
122 # Values: String with max. 254 characters
123 # Default: None string
124 IkeIdStr=IKEV2_USER1@intern
125
126 # Parameter: Use pre-shared key
127 # Key: UsePreShKey
128 # Type: Integer
129 # Value: 0 = Off
130 # 1 = On
131 # Default: On
132 Secret=phavapievoboGeixah9fikae
133
134 # Parameter: Use extended authentication (XAUTH)
135 # Key: UseXAUTH
136 # Type: Integer
137 # Values: 0 = Off
138 # 1 = On
139 # Default: On
140 UseXAUTH=0
141
142 # Parameter: IP Address Assignment
143 # Key: IpAddrAssign
144 # Type: Integer
145 # Values: 0 = Use IKE Config Mode
146 # (the parameter "IP-Adresse"
147 # may not be configured)
148 # 1 = Use lokal IP address
149 # (the parameter "IP-Adresse"
150 # may not be configured)
151 # 2 = Manual IP address
152 # (the parameter "IP-Adresse"
153 # must be configured
154 # Default: Use lokal IP address
155 IpAddrAssign=0
156
157 # Parameter: DH Group
158 # Key: IkeDhGroup
159 # Type: Integer
160 # Values: 1 = DH-Group 1 (768 Bit)
161 # 2 = DH-Group 2 (1024 Bit)
162 # 5 = DH-Group 5 (1536 Bit)
163 # Default: DH-Group 2 (1024 Bit)
164 # Guessed values:
165 # 1 = DH-Group 1 (768-Bit Modulus)
166 # 2 = DH-Group 2 (1024-Bit Modulus)
167 # 5 = DH-Group 5 (1536-Bit Modulus)
168 # 14 = DH-Group 14 (2048-Bit Modulus)
169 # 15 = DH-Group 15 (3072-Bit Modulus)
170 # 16 = DH-Group 16 (4096-Bit Modulus)
171 # 19 = DH-Group 19 (256-bit random ECP group)
172 # 20 = DH-Group 20 (384-bit random ECP group)
173 # 21 = DH-Group 21 (521-bit random ECP group)
174 # 28 = DH-Group 28 (brainpoolP256r1)
175 # 29 = DH-Group 29 (brainpoolP384r1)
176 # 30 = DH-Group 30 (brainpoolP512r1)
177 IkeDhGroup=14
178
179 # Parameter: Exchange Mode
180 # Schlüssel: ExchMode
181 # Typ: Integer
182 # Werte: 2 = Main Mode
183 # 4 = Aggressive Mode
184 # Default: Main Mode
185 ExchMode=34
186
187 # Parameter: Authentication
188 # Key: IkeAuth
189 # Type: Integer
190 # Values: 1 = Preshared Key
191 # 3 = RSA-Signatur
192 # Default: Preshared Key
193 IKEv2Auth=2
194 IKEv2Policy=WIZ-AES256-SHA256
195 IPSEC-Policy=WIZ-AES256-SHA256
196
197 [IKEV2POLICY1]
198
199 # Parameter: Name
200 # Key: IkeName
201 # Type: String
202 # Values: String with max. 254 characters
203 # Default: The name must be configured
204 Ikev2Name=WIZ-AES256-SHA256
205
206 # Parameter: Encryption
207 # Key: IkeCrypt
208 # Type: Integer
209 # Values: 1 = DES
210 # 2 = Triple DES
211 # 3 = Blowfish
212 # 4 = AES 128 Bit
213 # 5 = AES 192 Bit
214 # 6 = AES 256 Bit
215 # Default: AES 128 Bit
216 Ikev2Crypt=6
217
218 # Pseudo Random Function
219 Ikev2PRF=5
220
221 # Parameter: Hash
222 # Key: IkeHash
223 # Type: Integer
224 # Values: 1 = MD5
225 # 2 = SHA
226 # Default: MD5
227 # Guessed values:
228 # 12 = SHA2 256
229 Ikev2IntAlgo=12
230
231 [IPSECPOLICY1]
232
233 # Parameter: Name
234 # Key: IPSecName
235 # Type: String
236 # Values: String with max. 254 characters
237 # Default: The name must be configured
238 IPSecName=WIZ-AES256-SHA256
239
240 # Parameter: Transform
241 # Key: IpsecCrypt
242 # Type: Integer
243 # Values: 1 = DES
244 # 2 = Triple DES
245 # 3 = Blowfish
246 # 4 = AES 128 Bit
247 # 5 = AES 192 Bit
248 # 6 = AES 256 Bit
249 # Default: AES 128 Bit
250 IpsecCrypt=6
251
252 # Parameter: Authentication
253 # Key: IpsecAuth
254 # Type: Integer
255 # Values: 1 = MD5
256 # 2 = SHA
257 # Default: MD5
258 # Guessed values:
259 # 1 = HMAC-MD5-96, hash length 128 Bits
260 # 2 = HMAC-SHA-1-96, hash length 160 Bits
261 # 3 = HMAC-SHA-256, hash length 256 Bits
262 # 4 = HMAC-SHA-384, hash length 384 Bits
263 # 5 = HMAC-SHA-512, hash length 512 Bits
264 IpsecAuth=5
Strongswan Configuration for Lancom
This is a modern and recommended vici-style (Versatile IKE Configuration Interface) configuration for swanctl.
/etc/swanctl/conf.d/vpn-company.conf
1 ### LANCOM ROADWARRIOR
2 ### SETTING FOR A CLIENT TO SERVER CONNECTION
3 connections {
4 ikev2-psk-company {
5 # IKE major version to use for connection.
6 version = 2
7 # With IKEv1 aggressive mode may be used.
8 #aggressive = yes
9 # Remote address(es) to use for IKE communication, comma separated.
10 #remote_addrs = ip.add.re.ss
11 remote_addrs = fully.qualified.domain.tld
12 # Virtual IPs to request in configuration payload / Mode Config.
13 vips = 0.0.0.0
14
15 # Section for a local authentication round.
16 local {
17 ### LANCOM USES PSK AUTHENTICATION
18 # Authentication to perform locally (pubkey, psk, xauth[-backend] or
19 # eap[-method]).
20 auth = psk
21
22 # IKE identity to use for authentication round.
23 id = IKEV2_USER1@intern
24 }
25
26 # Section for a remote authentication round.
27 remote {
28 ### LANCOM USES PSK AUTHENTICATION
29 auth = psk
30 ### REMOTE-ID MUST MATCH THE LOCAL-ID
31 #id = IKEV2_USER1@intern
32 }
33
34 children {
35 # CHILD_SA configuration sub-section.
36 net-company {
37 ### ADEPT THE TRAFFIC SELECTORS TO YOUR NEEDS
38 # Remote selectors to include in CHILD_SA.
39 remote_ts = 10.0.0.0/8
40 #remote_ts = 0.0.0.0/0
41
42 # ESP proposals to offer for the CHILD_SA.
43 # esp_proposals = default
44 esp_proposals = aes256-sha256-modp2048
45 }
46 }
47
48 ### CUSTOM
49 # Number of retransmission sequences to perform during initial connect.
50 keyingtries = 3
51
52 ### TRANSMISSION OF CACERTS IS UNNECESSARY
53 ### SINCE THEY ARE NOT EVALUATED WITH PSK (STANDALONE)
54 # Send certificate requests payloads (yes or no).
55 send_certreq = no
56
57 ### YOU CAN AVOID A PROPOSAL MISMATCH
58 ### BY SPECIFYING THE PROPOSAL EXPLICITLY,
59 ### THIS ALSO SAVES 2 ROUNDTRIPS AND SPEEDS UP THE PROTOCOL.
60 ### OTHERWISE IT WILL BE NEGOTIATED AUTOMATICALLY
61 # Comma separated proposals to accept for IKE.
62 # proposals = default
63 proposals = aes256-sha256-modp2048
64 }
65 }
66
67 secrets {
68 # IKE preshared secret section
69 ike-IKEV2_USER1@intern {
70 # IKE identity the IKE preshared secret belongs to.
71 id = IKEV2_USER1@intern
72 # Value of the IKE preshared secret.
73 secret = phavapievoboGeixah9fikae
74 }
75 }
Use it
Btw.: ZSH by grml has great swanctl integration. https://git.grml.org/?p=grml-etc-core.git
Start it with:
Stop it with:
1 swanctl --terminate --ike=ikev2-psk-company;
Check it with:
Have fun.
EOF