Sunday, June 30, 2019

L2TP/IPSec PSK with Android -- INVALID_ID_INFORMATION

Hi all!

I know (saw) this has come up numerous times, and someone has been successful, others weren't. I thought I'd try this out myself, and not surprisingly it wasn't successful :)
I've been using these howtos [1] -- I know these can be outdated and/or simply wrong, I just wanted to get the general idea on how to tackle this.
I've made it through a couple of hurdles but now I'm stuck and thought I'd ask some questions here.

So this is my configuration:
OpenBSD 6.5-stable

/etc/ipsec.conf:
ike passive esp transport \
proto udp \
from any to any port l2tp \
main auth "hmac-sha2" enc "aes-256" group modp1024 \
quick auth "hmac-sha2" enc "aes-256" \
psk "thisismykey"

(I found that some howtos specified the group attribute for the line `quick` as well, but that didn't work for me, then it seemed this whole thing just wouldn't match my connection)

I'm starting isakmpd(8) as
/sbin/isakmpd -d -v -K

Then doing an:
/sbin/ipsecctl -vf /etc/ipsec.conf
=====================8<=====================
C set [Phase 1]:Default=peer-default force
C set [peer-default]:Phase=1 force
C set [peer-default]:Authentication=thisismykey force
C set [peer-default]:Configuration=phase1-peer-default force
C set [phase1-peer-default]:EXCHANGE_TYPE=ID_PROT force
C add [phase1-peer-default]:Transforms=phase1-transform-peer-default-PRE_SHARED-SHA2_256-AES256-MODP_1024 force
C set [phase1-transform-peer-default-PRE_SHARED-SHA2_256-AES256-MODP_1024]:AUTHENTICATION_METHOD=PRE_SHARED force
C set [phase1-transform-peer-default-PRE_SHARED-SHA2_256-AES256-MODP_1024]:HASH_ALGORITHM=SHA2_256 force
C set [phase1-transform-peer-default-PRE_SHARED-SHA2_256-AES256-MODP_1024]:ENCRYPTION_ALGORITHM=AES_CBC force
C set [phase1-transform-peer-default-PRE_SHARED-SHA2_256-AES256-MODP_1024]:KEY_LENGTH=256,256:256 force
C set [phase1-transform-peer-default-PRE_SHARED-SHA2_256-AES256-MODP_1024]:GROUP_DESCRIPTION=MODP_1024 force
C set [phase1-transform-peer-default-PRE_SHARED-SHA2_256-AES256-MODP_1024]:Life=LIFE_MAIN_MODE force
C set [from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701]:Phase=2 force
C set [from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701]:ISAKMP-peer=peer-default force
C set [from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701]:Configuration=phase2-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701 force
C set [from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701]:Local-ID=from-0.0.0.0/0=17 force
C set [from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701]:Remote-ID=to-0.0.0.0/0=17:1701 force
C set [phase2-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701]:EXCHANGE_TYPE=QUICK_MODE force
C set [phase2-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701]:Suites=phase2-suite-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701 force
C set [phase2-suite-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701]:Protocols=phase2-protocol-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701 force
C set [phase2-protocol-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701]:PROTOCOL_ID=IPSEC_ESP force
C set [phase2-protocol-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701]:Transforms=phase2-transform-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701-AES256-SHA2_256-MODP_3072-TRANSPORT force
C set [phase2-transform-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701-AES256-SHA2_256-MODP_3072-TRANSPORT]:TRANSFORM_ID=AES force
C set [phase2-transform-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701-AES256-SHA2_256-MODP_3072-TRANSPORT]:KEY_LENGTH=256,256:256 force
C set [phase2-transform-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701-AES256-SHA2_256-MODP_3072-TRANSPORT]:ENCAPSULATION_MODE=TRANSPORT force
C set [phase2-transform-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701-AES256-SHA2_256-MODP_3072-TRANSPORT]:AUTHENTICATION_ALGORITHM=HMAC_SHA2_256 force
C set [phase2-transform-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701-AES256-SHA2_256-MODP_3072-TRANSPORT]:GROUP_DESCRIPTION=MODP_3072 force
C set [phase2-transform-from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701-AES256-SHA2_256-MODP_3072-TRANSPORT]:Life=LIFE_QUICK_MODE force
C set [from-0.0.0.0/0=17]:ID-type=IPV4_ADDR_SUBNET force
C set [from-0.0.0.0/0=17]:Network=0.0.0.0 force
C set [from-0.0.0.0/0=17]:Netmask=0.0.0.0 force
C set [to-0.0.0.0/0=17:1701]:ID-type=IPV4_ADDR_SUBNET force
C set [to-0.0.0.0/0=17:1701]:Network=0.0.0.0 force
C set [to-0.0.0.0/0=17:1701]:Netmask=0.0.0.0 force
C set [from-0.0.0.0/0=17]:Protocol=17 force
C set [to-0.0.0.0/0=17:1701]:Protocol=17 force
C set [to-0.0.0.0/0=17:1701]:Port=1701 force
C add [Phase 2]:Passive-Connections=from-0.0.0.0/0=17-to-0.0.0.0/0=17:1701
C set [Phase 1]:Default=peer-default force
C set [peer-default]:Phase=1 force
C set [peer-default]:Authentication=thisismykey force
C set [peer-default]:Configuration=phase1-peer-default force
C set [phase1-peer-default]:EXCHANGE_TYPE=ID_PROT force
C add [phase1-peer-default]:Transforms=phase1-transform-peer-default-PRE_SHARED-SHA2_256-AES256-MODP_1024 force
C set [phase1-transform-peer-default-PRE_SHARED-SHA2_256-AES256-MODP_1024]:AUTHENTICATION_METHOD=PRE_SHARED force
C set [phase1-transform-peer-default-PRE_SHARED-SHA2_256-AES256-MODP_1024]:HASH_ALGORITHM=SHA2_256 force
C set [phase1-transform-peer-default-PRE_SHARED-SHA2_256-AES256-MODP_1024]:ENCRYPTION_ALGORITHM=AES_CBC force
C set [phase1-transform-peer-default-PRE_SHARED-SHA2_256-AES256-MODP_1024]:KEY_LENGTH=256,256:256 force
C set [phase1-transform-peer-default-PRE_SHARED-SHA2_256-AES256-MODP_1024]:GROUP_DESCRIPTION=MODP_1024 force
C set [phase1-transform-peer-default-PRE_SHARED-SHA2_256-AES256-MODP_1024]:Life=LIFE_MAIN_MODE force
C set [from-::/0=17-to-::/0=17:1701]:Phase=2 force
C set [from-::/0=17-to-::/0=17:1701]:ISAKMP-peer=peer-default force
C set [from-::/0=17-to-::/0=17:1701]:Configuration=phase2-from-::/0=17-to-::/0=17:1701 force
C set [from-::/0=17-to-::/0=17:1701]:Local-ID=from-::/0=17 force
C set [from-::/0=17-to-::/0=17:1701]:Remote-ID=to-::/0=17:1701 force
C set [phase2-from-::/0=17-to-::/0=17:1701]:EXCHANGE_TYPE=QUICK_MODE force
C set [phase2-from-::/0=17-to-::/0=17:1701]:Suites=phase2-suite-from-::/0=17-to-::/0=17:1701 force
C set [phase2-suite-from-::/0=17-to-::/0=17:1701]:Protocols=phase2-protocol-from-::/0=17-to-::/0=17:1701 force
C set [phase2-protocol-from-::/0=17-to-::/0=17:1701]:PROTOCOL_ID=IPSEC_ESP force
C set [phase2-protocol-from-::/0=17-to-::/0=17:1701]:Transforms=phase2-transform-from-::/0=17-to-::/0=17:1701-AES256-SHA2_256-MODP_3072-TRANSPORT force
C set [phase2-transform-from-::/0=17-to-::/0=17:1701-AES256-SHA2_256-MODP_3072-TRANSPORT]:TRANSFORM_ID=AES force
C set [phase2-transform-from-::/0=17-to-::/0=17:1701-AES256-SHA2_256-MODP_3072-TRANSPORT]:KEY_LENGTH=256,256:256 force
C set [phase2-transform-from-::/0=17-to-::/0=17:1701-AES256-SHA2_256-MODP_3072-TRANSPORT]:ENCAPSULATION_MODE=TRANSPORT force
C set [phase2-transform-from-::/0=17-to-::/0=17:1701-AES256-SHA2_256-MODP_3072-TRANSPORT]:AUTHENTICATION_ALGORITHM=HMAC_SHA2_256 force
C set [phase2-transform-from-::/0=17-to-::/0=17:1701-AES256-SHA2_256-MODP_3072-TRANSPORT]:GROUP_DESCRIPTION=MODP_3072 force
C set [phase2-transform-from-::/0=17-to-::/0=17:1701-AES256-SHA2_256-MODP_3072-TRANSPORT]:Life=LIFE_QUICK_MODE force
C set [from-::/0=17]:ID-type=IPV6_ADDR_SUBNET force
C set [from-::/0=17]:Network=:: force
C set [from-::/0=17]:Netmask=:: force
C set [to-::/0=17:1701]:ID-type=IPV6_ADDR_SUBNET force
C set [to-::/0=17:1701]:Network=:: force
C set [to-::/0=17:1701]:Netmask=:: force
C set [from-::/0=17]:Protocol=17 force
C set [to-::/0=17:1701]:Protocol=17 force
C set [to-::/0=17:1701]:Port=1701 force
C add [Phase 2]:Passive-Connections=from-::/0=17-to-::/0=17:1701
=====================8<=====================

/etc/npppd/npppd.conf:
=====================8<=====================
authentication LOCAL type local {
users-file "/etc/npppd/npppd-users"
}

tunnel L2TP protocol l2tp {
listen on 0.0.0.0
listen on ::
}

ipcp IPCP {
pool-address 192.168.100.2-192.168.100.254
dns-servers 8.8.8.8
}

# use pppx(4) interface. use an interface per a ppp session.
interface pppx0 address 192.168.100.1 ipcp IPCP
bind tunnel from L2TP authenticated by LOCAL to pppx0
=====================8<=====================


So now when I connect from my Android 9 phone, set up as an L2TP/IPsec PSK connection, specifying the Server address as my internal LAN IP on the OpenBSD router (no NAT, just direct connection on the local network), setting the IPSec preshared key to the real key, and entering my username and password I've set for npppd(8), I'm getting this output from isakmpd(8):
=====================8<=====================
190048.505560 Default attribute_unacceptable: HASH_ALGORITHM: got SHA2_384, expected SHA2_256
190048.505768 Default attribute_unacceptable: GROUP_DESCRIPTION: got MODP_1024, expected MODP_3072
190048.505943 Default attribute_unacceptable: HASH_ALGORITHM: got SHA2_384, expected SHA2_256
190048.530050 Default isakmpd: phase 1 done (as responder): initiator id 192.168.5.17, responder id 192.168.0.1, src: 192.168.0.1 dst: 192.168.5.17
190049.556596 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1
190049.556699 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION
190052.571991 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1
190052.572093 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION
190055.594500 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1
190055.594593 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION
190058.615783 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1
190058.615909 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION
190101.642382 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1
190101.642478 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION
190104.674817 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1
190104.674885 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION
190107.702932 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1
190107.703001 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION
190110.728935 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1
190110.729004 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION
190113.760991 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1
190113.761061 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION
190116.770799 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1
190116.770869 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION
=====================8<=====================

Now I'm stuck here. I don't really know why it wouldn't accept these "IDs"; I thought I'd covered all my bases with "from any/to any" in ipsec.conf(5).
As for the attribute_unacceptable lines, I've tried to change the 'auth' attributes to "hmac-sha2-384", and I actually got the same messages... I also tried to set the 'group' option for the 'main' and 'quick' lines to modp3072, no luck there either.

What also doesn't help is that every time my phone does an unsuccessful connection, I must restart it, because "something gets stuck there", and every subsequent connection attempt just doesn't do anything -- no packets are coming in from the phone anymore... Anyway.

I hope someone has had success with this and could point me in some kind of direction I'm not seeing.

Thanks in advance,
Dani



[1]:
http://bluepilltech.blogspot.com/2017/02/openbsd-l2tp-over-ipsec-android-601-ios.html
http://blog.fuckingwith.it/2016/04/openbsd-l2tpipsec-vpn-for-android.html
http://openbsd-archive.7691.n7.nabble.com/L2TP-IPSec-via-npppd-won-t-work-with-Android-5-x-td290194.html


-- 
Lévai, Dániel
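An added example, not part of the original post or of OpenBSD: a small Python triage script for isakmpd(8) debug output of the shape quoted above. It separates the phase 1 attribute mismatches (peer offered X, local policy wants Y) from the post-phase-1 INVALID_ID_INFORMATION drops, so a reader can see at a glance that the PSK and phase 1 crypto succeeded and the failure is in phase 2 ID/policy matching. `SAMPLE_LOG` is constructed from the lines in the post; the function names are this example's own.

```python
import re
from collections import Counter

# Constructed sample in the format printed by "isakmpd -d -v" (same shape as the log above).
SAMPLE_LOG = """\
190048.505560 Default attribute_unacceptable: HASH_ALGORITHM: got SHA2_384, expected SHA2_256
190048.505768 Default attribute_unacceptable: GROUP_DESCRIPTION: got MODP_1024, expected MODP_3072
190048.505943 Default attribute_unacceptable: HASH_ALGORITHM: got SHA2_384, expected SHA2_256
190048.530050 Default isakmpd: phase 1 done (as responder): initiator id 192.168.5.17, responder id 192.168.0.1, src: 192.168.0.1 dst: 192.168.5.17
190049.556596 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1
190049.556699 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION
190052.571991 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1
190052.572093 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION
190055.594593 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION
"""

ATTR_RE = re.compile(r"attribute_unacceptable: (\w+): got (\w+), expected (\w+)")
PHASE1_RE = re.compile(r"phase 1 done \(as (\w+)\): initiator id (\S+), responder id (\S+),")
DROP_RE = re.compile(r"dropped message from (\S+) port \d+ due to notification type (\w+)")

def triage(log_text):
    """Reduce an isakmpd log to: rejected proposal attributes (and how often the peer
    offered them), completed phase 1 SAs, and dropped messages per (peer, notification)."""
    summary = {"mismatch": Counter(), "phase1": [], "drops": Counter()}
    for line in log_text.splitlines():
        if m := ATTR_RE.search(line):
            summary["mismatch"][m.groups()] += 1          # key: (attribute, got, expected)
        elif m := PHASE1_RE.search(line):
            role, initiator, responder = m.groups()
            summary["phase1"].append({"role": role, "initiator": initiator, "responder": responder})
        elif m := DROP_RE.search(line):
            summary["drops"][m.groups()] += 1             # key: (peer, notification type)
    return summary

def phase2_stuck_peers(summary, threshold=3):
    """Peers that completed phase 1 but then had at least `threshold` messages dropped:
    PSK and phase 1 crypto matched, so the fault is in phase 2 (flow/ID policy)."""
    established = {p["initiator"] for p in summary["phase1"]}
    return sorted({peer for (peer, _ntype), n in summary["drops"].items()
                   if n >= threshold and peer in established})

if __name__ == "__main__":
    s = triage(SAMPLE_LOG)
    for (attr, got, expected), n in s["mismatch"].items():
        print(f"{n}x {attr}: peer offered {got}, local policy wants {expected}")
    print("stuck in phase 2:", phase2_stuck_peers(s))
```

Feed it the real log with `python3 triage.py < isakmpd.log` after replacing `SAMPLE_LOG` with `sys.stdin.read()`; a peer listed as stuck in phase 2 is one whose ipsec.conf flow (addresses, protocol, port) should be compared against the IDs it proposes, not one whose PSK is wrong.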
