Cisco – IPSec IKEv2 connection failure due to RSA authentication issue

authenticationciscoikeipsec

I'm trying to get an IPSec/IKEv2 setup working, which was implement following this
I don't understand why, but when a client connects (StrongSwan on Android here), the session is closed because the server cannot authenticate itself using the RSA key (see the logs), although the key was successfully imported.

Any help or pointer greatly appreciated 🙂

Some extra info:

sh run:

aaa new-model
!
!
aaa group server radius nas
 server name nas
!
aaa authentication login ipsec-radius group nas
aaa authentication enable default none
aaa authorization exec default none
aaa authorization commands 0 default none
aaa authorization commands 15 default none
aaa authorization network ipsec-local local
!
!
!
crypto pki trustpoint pki_ca_commodo_2017
 enrollment terminal pem
 revocation-check crl
!
crypto pki trustpoint pki_crt_rtr.example.net_2017
 chain-validation continue pki_ca_commodo_2017
 revocation-check none
 rsakeypair pki_crt_rtr.example.net_2017
!
!
crypto pki certificate chain pki_ca_commodo_2017
 certificate ca SN
  CRT_CONTENT
        quit
crypto pki certificate chain pki_crt_rtr.example.net_2017
 certificate ca SN
    CRT_CONTENT
        quit
no ip source-route
!

!
crypto ikev2 authorization policy crp_ph1_auth
 pool pool4-ipsec
 dns 192.168.10.5
 def-domain example.net
!
crypto ikev2 proposal crp_ph1_proposal
 encryption aes-cbc-256
 integrity sha1 sha256
 group 2 14 15 16 19
!
crypto ikev2 policy crp_ph1_policy
 proposal crp_ph1_proposal
!
!
crypto ikev2 profile crp_ph1_profile
 match identity remote any
 identity local fqdn rtr.example.net
 authentication remote eap query-identity
 authentication local rsa-sig
 pki trustpoint pki_crt_rtr.example.net_2017
 aaa authentication eap ipsec-radius
 aaa authorization group eap list ipsec-local crp_ph1_auth
 aaa authorization user eap cached
 virtual-template 1
!
!
!
!
crypto ipsec transform-set crp_ph2_ts esp-aes 256 esp-sha-hmac
 mode tunnel
!
crypto ipsec profile crp_ph2_profile
 set transform-set crp_ph2_ts
 set ikev2-profile crp_ph1_profile
!
!
!
!
!
!
interface Virtual-Template1 type tunnel
 ip unnumbered Loopback20
 ip mtu 1000
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile crp_ph2_profile
!

!
!
interface Loopback20
 description Internal Users IPSec
 ip address 192.168.20.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip wccp web-cache redirect in
 ip wccp 70 redirect in
 ip pim sparse-dense-mode
 ip nat inside
 ip virtual-reassembly in
 ipv6 address IPV6_PREFIX::1/64
 ipv6 enable
 ipv6 wccp web-cache redirect in
 ipv6 wccp 70 redirect in
 ipv6 traffic-filter acl6_in_users in
 ipv6 traffic-filter acl6_out_users out

ip local pool pool4-ipsec 192.168.20.10 192.168.20.150

!
radius server nas
 address ipv4 192.168.10.5 auth-port 1812 acct-port 1813
 key 7 SOME_SECRET

sh log:

000735: Jan 28 22:01:50.235: IKEv2:Received Packet [From 178.50.69.206:28781/To WAN_IP:500/VRF i0:f0]
Initiator SPI : 13AF6A7B85A1F8B2 - Responder SPI : 0000000000000000 Message id: 0
IKEv2 IKE_SA_INIT Exchange REQUEST
Payload contents:
 SA KE N NOTIFY(NAT_DETECTION_SOURCE_IP) NOTIFY(NAT_DETECTION_DESTINATION_IP) NOTIFY(Unknown - 16430) NOTIFY(Unknown - 16431) NOTIFY(REDIRECT_SUPPORTED)

000736: Jan 28 22:01:50.235: IKEv2:(SESSION ID = 14,SA ID = 1):Verify SA init message
000737: Jan 28 22:01:50.235: IKEv2:(SESSION ID = 14,SA ID = 1):Insert SA
000738: Jan 28 22:01:50.235: IKEv2:Searching Policy with fvrf 0, local address WAN_IP
000739: Jan 28 22:01:50.235: IKEv2:Found Policy 'crp_ph1_policy'
000740: Jan 28 22:01:50.235: IKEv2:(SESSION ID = 14,SA ID = 1):Processing IKE_SA_INIT message
000741: Jan 28 22:01:50.235: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Retrieve configured trustpoint(s)
000742: Jan 28 22:01:50.235: IKEv2:(SA ID = 1):[PKI -> IKEv2] Retrieved trustpoint(s): 'pki_crt_rtr.example.net_2017'   'pki_ca_commodo_2017'
000743: Jan 28 22:01:50.235: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Get Public Key Hashes of trustpoints
000744: Jan 28 22:01:50.235: IKEv2:(SA ID = 1):[PKI -> IKEv2] Getting of Public Key Hashes of trustpoints PASSED
000745: Jan 28 22:01:50.235: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Start PKI Session
000746: Jan 28 22:01:50.235: IKEv2:(SA ID = 1):[PKI -> IKEv2] Starting of PKI Session PASSED
000747: Jan 28 22:01:50.235: IKEv2:(SESSION ID = 14,SA ID = 1):[IKEv2 -> Crypto Engine] Computing DH public key, DH Group 19
000748: Jan 28 22:01:50.235: IKEv2:(SA ID = 1):[Crypto Engine -> IKEv2] DH key Computation PASSED
000749: Jan 28 22:01:50.235: IKEv2:(SESSION ID = 14,SA ID = 1):Request queued for computation of DH key
000750: Jan 28 22:01:50.235: IKEv2:(SESSION ID = 14,SA ID = 1):[IKEv2 -> Crypto Engine] Computing DH secret key, DH Group 19
000751: Jan 28 22:01:50.247: IKEv2:(SA ID = 1):[Crypto Engine -> IKEv2] DH key Computation PASSED
000752: Jan 28 22:01:50.247: IKEv2:(SESSION ID = 14,SA ID = 1):Request queued for computation of DH secret
000753: Jan 28 22:01:50.251: IKEv2:(SA ID = 1):[IKEv2 -> Crypto Engine] Calculate SKEYSEED and create rekeyed IKEv2 SA
000754: Jan 28 22:01:50.251: IKEv2:(SA ID = 1):[Crypto Engine -> IKEv2] SKEYSEED calculation and creation of rekeyed IKEv2 SA PASSED
000755: Jan 28 22:01:50.251: IKEv2:IKEv2 responder - no config data to send in IKE_SA_INIT exch
000756: Jan 28 22:01:50.251: IKEv2:(SESSION ID = 14,SA ID = 1):Generating IKE_SA_INIT message
000757: Jan 28 22:01:50.251: IKEv2:(SESSION ID = 14,SA ID = 1):IKE Proposal: 1, SPI size: 0 (initial negotiation),
Num. transforms: 4
   AES-CBC   SHA256   SHA256   DH_GROUP_256_ECP/Group 19
000758: Jan 28 22:01:50.251: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Retrieve configured trustpoint(s)
000759: Jan 28 22:01:50.251: IKEv2:(SA ID = 1):[PKI -> IKEv2] Retrieved trustpoint(s): 'pki_crt_rtr.example.net_2017'   'pki_ca_commodo_2017'
000760: Jan 28 22:01:50.251: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Get Public Key Hashes of trustpoints
000761: Jan 28 22:01:50.251: IKEv2:(SA ID = 1):[PKI -> IKEv2] Getting of Public Key Hashes of trustpoints PASSED

000762: Jan 28 22:01:50.251: IKEv2:(SESSION ID = 14,SA ID = 1):Sending Packet [To 178.50.69.206:28781/From WAN_IP:500/VRF i0:f0]
Initiator SPI : 13AF6A7B85A1F8B2 - Responder SPI : 7C8FBD9899854B23 Message id: 0
IKEv2 IKE_SA_INIT Exchange RESPONSE
Payload contents:
 SA KE N VID VID NOTIFY(NAT_DETECTION_SOURCE_IP) NOTIFY(NAT_DETECTION_DESTINATION_IP) CERTREQ NOTIFY(HTTP_CERT_LOOKUP_SUPPORTED)

000763: Jan 28 22:01:50.251: IKEv2:(SESSION ID = 14,SA ID = 1):Completed SA init exchange
000764: Jan 28 22:01:50.251: IKEv2:(SESSION ID = 14,SA ID = 1):Starting timer (30 sec) to wait for auth message

000765: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Received Packet [From 178.50.69.206:18974/To WAN_IP:500/VRF i0:f0]
Initiator SPI : 13AF6A7B85A1F8B2 - Responder SPI : 7C8FBD9899854B23 Message id: 1
IKEv2 IKE_AUTH Exchange REQUEST
Payload contents:
 IDi NOTIFY(INITIAL_CONTACT) CFG NOTIFY(ESP_TFC_NO_SUPPORT) SA TSi TSr NOTIFY(Unknown - 16396) NOTIFY(Unknown - 16399) NOTIFY(Unknown - 16417) NOTIFY(Unknown - 16420)

000766: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Stopping timer to wait for auth message
000767: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Checking NAT discovery
000768: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):NAT OUTSIDE found
000769: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):NAT detected float to init port 18974, resp port 4500
000770: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Searching policy based on peer's identity 'nicolas' of type 'FQDN'
000771: Jan 28 22:01:50.499: IKEv2:found matching IKEv2 profile 'crp_ph1_profile'
000772: Jan 28 22:01:50.499: IKEv2:Searching Policy with fvrf 0, local address WAN_IP
000773: Jan 28 22:01:50.499: IKEv2:Found Policy 'crp_ph1_policy'
000774: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Verify peer's policy
000775: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Peer's policy verified
000776: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Check for EAP exchange
000777: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Generate my authentication data
000778: Jan 28 22:01:50.499: IKEv2:[IKEv2 -> Crypto Engine] Generate IKEv2 authentication data
000779: Jan 28 22:01:50.499: IKEv2:[Crypto Engine -> IKEv2] IKEv2 authentication data generation PASSED
000780: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Get my authentication method
000781: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):My authentication method is 'RSA'
000782: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Sign authentication data
000783: Jan 28 22:01:50.499: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Getting private key
000784: Jan 28 22:01:50.499: IKEv2:(SA ID = 1):[PKI -> IKEv2] Getting of private key FAILED
000785: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):: Failed to generate auth data: Failed to sign data
000786: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Verification of peer's authentication data FAILED
000787: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Sending authentication failure notify
000788: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Building packet for encryption.
Payload contents:
 NOTIFY(AUTHENTICATION_FAILED)

000789: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Sending Packet [To 178.50.69.206:18974/From WAN_IP:4500/VRF i0:f0]
Initiator SPI : 13AF6A7B85A1F8B2 - Responder SPI : 7C8FBD9899854B23 Message id: 1
IKEv2 IKE_AUTH Exchange RESPONSE
Payload contents:
 ENCR

000790: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Auth exchange failed
000791: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):: Auth exchange failed
000792: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Abort exchange
000793: Jan 28 22:01:50.499: IKEv2:(SESSION ID = 14,SA ID = 1):Deleting SA
000794: Jan 28 22:01:50.499: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Close PKI Session
000795: Jan 28 22:01:50.499: IKEv2:(SA ID = 1):[PKI -> IKEv2] Closing of PKI Session PASSED

sh crypto (pki trustpoints, key and certificates):

rtr01#sh crypto key mypubkey rsa
% Key pair was generated at: 21:57:36 CET Jan 28 2018
Key name: pki_crt_rtr.example.net_2017
Key type: RSA KEYS
 Storage Device: not specified
 Usage: General Purpose Key
 Key is not exportable.
 Key Data:
  STRIPPED_DATA
% Key pair was generated at: 21:57:36 CET Jan 28 2018
Key name: pki_crt_rtr.example.net_2017.server
Key type: RSA KEYS
Temporary key
 Usage: Encryption Key
 Key is not exportable.
 Key Data:
  STRIPPED_DATA
rtr01#
rtr01#
rtr01#sh crypto pki trustpoints status
Trustpoint pki_ca_commodo_2017:
  Issuing CA certificate configured:
    Subject Name:
     cn=COMODO RSA Domain Validation Secure Server CA,o=COMODO CA Limited,l=Salford,st=Greater Manchester,c=GB
    Fingerprint MD5: 83E10465 B722EF33 FF0B6F53 5E8D996B
    Fingerprint SHA1: 339CDD57 CFD5B141 169B615F F3142878 2D1DA639
  State:
    Keys generated ............. No
    Issuing CA authenticated ....... Yes
    Certificate request(s) ..... None


Trustpoint pki_crt_rtr.example.net_2017:
  Issuing CA certificate configured:
    Subject Name:
     cn=COMODO RSA Domain Validation Secure Server CA,o=COMODO CA Limited,l=Salford,st=Greater Manchester,c=GB
    Fingerprint MD5: 83E10465 B722EF33 FF0B6F53 5E8D996B
    Fingerprint SHA1: 339CDD57 CFD5B141 169B615F F3142878 2D1DA639
  Router General Purpose certificate configured:
    Subject Name:
     cn=rtr.example.net,ou=PositiveSSL,ou=Domain Control Validated
    Fingerprint MD5: 423DA121 920A9DF4 16CAB00E 7D18FAF3
    Fingerprint SHA1: 7C9D98BC F099DF12 03FA9E59 F5A49562 A0057CC8
  State:
    Keys generated ............. Yes (General Purpose, non-exportable)
    Issuing CA authenticated ....... Yes
    Certificate request(s) ..... Yes


rtr01#
rtr01#sh crypto pki certificates verbose
Certificate
  Status: Available
  Version: 3
  Certificate Serial Number (hex): 3903CD8ED57A5EDA411E33F1A1725DE0
  Certificate Usage: General Purpose
  Issuer:
    cn=COMODO RSA Domain Validation Secure Server CA
    o=COMODO CA Limited
    l=Salford
    st=Greater Manchester
    c=GB
  Subject:
    Name: rtr.example.net
    cn=rtr.example.net
    ou=PositiveSSL
    ou=Domain Control Validated
  CRL Distribution Points:
    http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl
  Validity Date:
    start date: 01:00:00 CET Sep 29 2017
    end   date: 00:59:59 CET Sep 29 2020
  Subject Key Info:
    Public Key Algorithm: rsaEncryption
    RSA Public Key: (2048 bit)
  Signature Algorithm: SHA256 with RSA Encryption
  Fingerprint MD5: 423DA121 920A9DF4 16CAB00E 7D18FAF3
  Fingerprint SHA1: 7C9D98BC F099DF12 03FA9E59 F5A49562 A0057CC8
  X509v3 extensions:
    X509v3 Key Usage: A0000000
      Digital Signature
      Key Encipherment
    X509v3 Subject Key ID: 044109EC DD63A6A4 3893B206 6D39CE3F 08E7ABE0
    X509v3 Basic Constraints:
        CA: FALSE
    X509v3 Subject Alternative Name:
        www.rtr.example.net rtr.example.net
    X509v3 Authority Key ID: 90AF6A3A 945A0BD8 90EA1256 73DF43B4 3A28DAE7
    Authority Info Access:
        OCSP URL: http://ocsp.comodoca.com
    X509v3 CertificatePolicies:
        Policy: 2.23.140.1.2.1
        Policy: 1.3.6.1.4.1.6449.1.2.2.7
            Qualifier ID: 1.3.6.1.5.5.7.2.1
            Qualifier Info: https://secure.comodo.com/CPS
    Extended Key Usage:
        Client Auth
        Server Auth
  Associated Trustpoints: pki_crt_rtr.example.net_2017
  Key Label: pki_crt_rtr.example.net_2017

CA Certificate
  Status: Available
  Version: 3
  Certificate Serial Number (hex): 2B2E6EEAD975366C148A6EDBA37C8C07
  Certificate Usage: Signature
  Issuer:
    cn=COMODO RSA Certification Authority
    o=COMODO CA Limited
    l=Salford
    st=Greater Manchester
    c=GB
  Subject:
    cn=COMODO RSA Domain Validation Secure Server CA
    o=COMODO CA Limited
    l=Salford
    st=Greater Manchester
    c=GB
  CRL Distribution Points:
    http://crl.comodoca.com/COMODORSACertificationAuthority.crl
  Validity Date:
    start date: 01:00:00 CET Feb 12 2014
    end   date: 00:59:59 CET Feb 12 2029
  Subject Key Info:
    Public Key Algorithm: rsaEncryption
    RSA Public Key: (2048 bit)
  Signature Algorithm: SHA384 with RSA Encryption
  Fingerprint MD5: 83E10465 B722EF33 FF0B6F53 5E8D996B
  Fingerprint SHA1: 339CDD57 CFD5B141 169B615F F3142878 2D1DA639
  X509v3 extensions:
    X509v3 Key Usage: 86000000
      Digital Signature
      Key Cert Sign
      CRL Signature
    X509v3 Subject Key ID: 90AF6A3A 945A0BD8 90EA1256 73DF43B4 3A28DAE7
    X509v3 Basic Constraints:
        CA: TRUE
    X509v3 Authority Key ID: BBAF7E02 3DFAA6F1 3C848EAD EE3898EC D93232D4
    Authority Info Access:
        OCSP URL: http://ocsp.comodoca.com
    X509v3 CertificatePolicies:
        Policy: 2.23.140.1.2.1
        Policy: 2.5.29.32.0
    Extended Key Usage:
        Client Auth
        Server Auth
  Associated Trustpoints: pki_crt_rtr.example.net_2017 pki_ca_commodo_2017
  Storage: nvram:COMODORSACer#8C07CA.cer

https://www.cisco.com/c/en/us/support/docs/security/flexvpn/116837-config-strongswan-ios-00.html

Best Answer

first shot: change the ipsec-transform-set to "esp-aes esp-sha-hmac". (remove the "256")

Or try to use the "default"-transform-set.

Have seen a lot of IOS-Releases where changing the transform-set broke FlexVPN.

Related Topic