Project

General

Profile

Windows Suite B Support with IKEv1 » History » Version 22

Andreas Steffen, 22.07.2009 18:15
numeration

1 10 Andreas Steffen
h1. Windows Suite B Support with IKEv1
2 1 Andreas Steffen
3 20 Andreas Steffen
{{>toc}}
4 1 Andreas Steffen
5 21 Andreas Steffen
Windows Vista Service Pack 1, Windows Server 2008 and Windows 7 support the Suite B cryptographic algorithms for IPsec defined by "RFC 4869":http://tools.ietf.org/html/rfc4869. For Windows configuration details see http://support.microsoft.com/kb/949856/.
6 20 Andreas Steffen
7 21 Andreas Steffen
Starting with strongSwan release 4.3.3 the IKEv1 pluto daemon also fully supports the Suite B cryptographic algorithms. This is the reason that we created this HOWTO on Windows Suite B interoperability.
8 21 Andreas Steffen
9 22 Andreas Steffen
h2. 1 Preparations
10 1 Andreas Steffen
11 22 Andreas Steffen
h3. 1.1 Import of Windows Machine Certificates
12 16 Andreas Steffen
13 21 Andreas Steffen
First we import both an ECDSA-256 and an ECDSA-384 machine certificate plus the corresponding private keys and root CA certificate in PKCS#12 format (.p12) into the local computer part of the Windows registry using the Microsoft Management Console *mmc*:
14 16 Andreas Steffen
15 14 Andreas Steffen
!advfirewall_mmc.png!
16 14 Andreas Steffen
17 17 Andreas Steffen
Here are some details of the imported ECDSA-256 certificate:
18 14 Andreas Steffen
19 1 Andreas Steffen
!advfirewall_ecdsa256_cert.png!
20 16 Andreas Steffen
21 13 Andreas Steffen
and here of the imported ECDSA-384 certificate:
22 16 Andreas Steffen
23 1 Andreas Steffen
!advfirewall_ecdsa384_cert.png!
24 1 Andreas Steffen
25 22 Andreas Steffen
h3. 1.2 Import of strongSwan Private Keys
26 1 Andreas Steffen
27 20 Andreas Steffen
The path to RSA and ECDSA private keys are defined in /etc/ipsec.secrets:
28 20 Andreas Steffen
29 20 Andreas Steffen
<pre>
30 20 Andreas Steffen
# /etc/ipsec.secrets - strongSwan IPsec secrets file
31 20 Andreas Steffen
32 20 Andreas Steffen
: RSA vpnKey.pem
33 20 Andreas Steffen
34 20 Andreas Steffen
: ECDSA koala_ec256Key.pem
35 20 Andreas Steffen
36 20 Andreas Steffen
: ECDSA koala_ec384Key.pem
37 20 Andreas Steffen
38 20 Andreas Steffen
</pre>
39 20 Andreas Steffen
40 22 Andreas Steffen
h3. 1.3 Windows Main Mode Security Methods
41 20 Andreas Steffen
42 1 Andreas Steffen
The following command sets the IKEv1 Main Mode security methods globally:
43 1 Andreas Steffen
44 19 Andreas Steffen
<pre>
45 19 Andreas Steffen
netsh advfirewall set global mainmode mmsecmethods ecdhp256:aes128-sha256,ecdhp384:aes192-sha384,dhgroup14:aes128-sha1
46 19 Andreas Steffen
</pre>
47 19 Andreas Steffen
48 19 Andreas Steffen
The currently configured algorithms can be checked using the command:
49 19 Andreas Steffen
50 19 Andreas Steffen
<pre>
51 19 Andreas Steffen
netsh advfirewall show global
52 19 Andreas Steffen
53 19 Andreas Steffen
Main Mode:
54 19 Andreas Steffen
KeyLifetime  480min,0sess
55 19 Andreas Steffen
SecMethods   ECDHP256-AES128-SHA256,ECDHP384-AES192-SHA384,DHGroup14-AES128-SHA1
56 19 Andreas Steffen
ForceDH      No
57 19 Andreas Steffen
</pre>
58 19 Andreas Steffen
59 22 Andreas Steffen
h2. 2 Suite B with 128 Bit Security
60 1 Andreas Steffen
61 22 Andreas Steffen
h3. 2.1 Windows Connection Security Rule
62 16 Andreas Steffen
63 16 Andreas Steffen
First we create a new "VPN Suite B 256" security rule:
64 16 Andreas Steffen
65 16 Andreas Steffen
!advfirewall_security_rule_256.png!
66 16 Andreas Steffen
67 16 Andreas Steffen
The following command sets the IKEv1 Quick Mode algorithms in the rule "VPN Suite B 256":
68 16 Andreas Steffen
69 1 Andreas Steffen
<pre>
70 16 Andreas Steffen
netsh advfirewall consec set rule name="VPN Suite B 256" new qmsecmethods=esp:aesgcm128-aesgcm128,esp:aesgcm192-aesgcm192,esp:aesgcm256-aesgcm256
71 3 Andreas Steffen
</pre>
72 4 Andreas Steffen
73 8 Andreas Steffen
The current rule settings are shown with the following command:
74 5 Andreas Steffen
75 5 Andreas Steffen
<pre>
76 16 Andreas Steffen
netsh advfirewall consec show rule name="VPN Suite B 256"
77 5 Andreas Steffen
78 16 Andreas Steffen
Rule Name:                            VPN Suite B 256
79 5 Andreas Steffen
----------------------------------------------------------------------
80 5 Andreas Steffen
Enabled:                              Yes
81 5 Andreas Steffen
Profiles:                             Domain,Private,Public
82 5 Andreas Steffen
Type:                                 Static
83 5 Andreas Steffen
Mode:                                 Tunnel
84 11 Andreas Steffen
LocalTunnelEndpoint:                  10.10.0.6
85 5 Andreas Steffen
RemoteTunnelEndpoint:                 10.10.0.1
86 5 Andreas Steffen
Endpoint1:                            10.10.0.6/32
87 5 Andreas Steffen
Endpoint2:                            10.10.1.0/24
88 5 Andreas Steffen
Protocol:                             Any
89 5 Andreas Steffen
Action:                               RequireInRequireOut
90 11 Andreas Steffen
Auth1:                                ComputerCertECDSAP256
91 11 Andreas Steffen
Auth1ECDSAP256CAName:                 C=CH, O=strongSec GmbH, CN=strongSec 2007 CA
92 11 Andreas Steffen
Auth1ECDSAP256CertMapping:            No
93 11 Andreas Steffen
Auth1ECDSAP256ExcludeCAName:          No
94 11 Andreas Steffen
Auth1ECDSAP256CertType:               Root
95 1 Andreas Steffen
Auth1ECDSAP256HealthCert:             No
96 1 Andreas Steffen
MainModeSecMethods:                   ECDHP256-AES128-SHA256,ECDHP384-AES192-SHA384,DHGroup14-AES128-SHA1
97 11 Andreas Steffen
QuickModeSecMethods:                  ESP:AESGCM128-AESGCM128+60min+100000kb,ESP:AESGCM192-AESGCM192+60min+100000kb,ESP:AESGCM256-AESGCM256+60min+100000kb
98 5 Andreas Steffen
ExemptIPsecProtectedConnections:      No
99 11 Andreas Steffen
ApplyAuthorization:                   No
100 1 Andreas Steffen
Ok.
101 1 Andreas Steffen
</pre>
102 5 Andreas Steffen
103 22 Andreas Steffen
h3. 2.2 strongSwan Connection Definition
104 16 Andreas Steffen
105 8 Andreas Steffen
On the strongSwan side the following entries are required in ipsec.conf for 128 bit security:
106 8 Andreas Steffen
107 1 Andreas Steffen
<pre>
108 17 Andreas Steffen
conn suiteB-256
109 17 Andreas Steffen
     leftcert=koala_ec256Cert.pem
110 17 Andreas Steffen
     rightid="C=CH, O=strongSec GmbH, OU=ECDSA-256, CN=bonsai.strongsec.com"
111 17 Andreas Steffen
     ike=aes128-sha256-ecp256!
112 17 Andreas Steffen
     esp=aes128gcm16!
113 17 Andreas Steffen
     also=suiteB
114 17 Andreas Steffen
     auto=add
115 17 Andreas Steffen
116 1 Andreas Steffen
conn suiteB
117 12 Andreas Steffen
     left=10.10.0.1
118 12 Andreas Steffen
     leftsubnet=10.10.1.0/24
119 17 Andreas Steffen
     leftid=@koala.strongsec.com
120 1 Andreas Steffen
     leftfirewall=yes
121 1 Andreas Steffen
     lefthostaccess=yes
122 1 Andreas Steffen
     right=10.10.0.6
123 1 Andreas Steffen
     rightca=%same
124 1 Andreas Steffen
     keyexchange=ikev1
125 10 Andreas Steffen
     pfs=no
126 12 Andreas Steffen
     dpdaction=clear
127 12 Andreas Steffen
     dpddelay=300s
128 12 Andreas Steffen
     rekey=no
129 10 Andreas Steffen
</pre>
130 1 Andreas Steffen
131 22 Andreas Steffen
h3. 2.3 Windows Security Association Monitoring
132 16 Andreas Steffen
133 1 Andreas Steffen
Pinging host 10.10.1.11 behind the Linux VPN gateway from the Windows host triggers the IKEv1 tunnel setup.
134 13 Andreas Steffen
The following Windows status information is available for the Main Mode:
135 1 Andreas Steffen
136 1 Andreas Steffen
!advfirewall_main_mode_128.png!
137 13 Andreas Steffen
138 13 Andreas Steffen
and the established Quick Mode:
139 1 Andreas Steffen
140 13 Andreas Steffen
!advfirewall_quick_mode_128.png!
141 13 Andreas Steffen
142 22 Andreas Steffen
h3. 2.4 strongSwan IPsec Status Information
143 1 Andreas Steffen
144 1 Andreas Steffen
Here the resulting status output on the Linux side:
145 1 Andreas Steffen
146 1 Andreas Steffen
<pre>
147 17 Andreas Steffen
root@koala:~# ipsec statusall suiteB-256
148 1 Andreas Steffen
149 1 Andreas Steffen
Status of IKEv1 pluto daemon (strongSwan 4.3.3):
150 17 Andreas Steffen
interface eth1/eth1 10.10.0.1:4500
151 17 Andreas Steffen
interface eth1/eth1 10.10.0.1:500
152 1 Andreas Steffen
loaded plugins: curl test-vectors aes des sha1 sha2 md5 gmp openssl pubkey random hmac 
153 1 Andreas Steffen
debug options: control
154 17 Andreas Steffen
155 17 Andreas Steffen
"suiteB-256": 10.10.1.0/24===10.10.0.1[@koala.strongsec.com]...10.10.0.6[C=CH, O=strongSec GmbH, OU=ECDSA-256, CN=bonsai.strongsec.com]; erouted; eroute owner: !#2
156 17 Andreas Steffen
"suiteB-256":   CAs: 'C=CH, O=strongSec GmbH, CN=strongSec 2007 CA'...'C=CH, O=strongSec GmbH, CN=strongSec 2007 CA'
157 17 Andreas Steffen
"suiteB-256":   ike_life: 10800s; ipsec_life: 3600s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
158 17 Andreas Steffen
"suiteB-256":   dpd_action: clear; dpd_delay: 300s; dpd_timeout: 150s;
159 17 Andreas Steffen
"suiteB-256":   policy: PUBKEY+ENCRYPT+TUNNEL+DONTREKEY; prio: 24,32; interface: eth1; 
160 17 Andreas Steffen
"suiteB-256":   newest ISAKMP SA: !#1; newest IPsec SA: !#2; 
161 17 Andreas Steffen
"suiteB-256":   IKE proposal: AES_CBC_128/HMAC_SHA2_256/ECP_256
162 17 Andreas Steffen
"suiteB-256":   ESP proposal: AES_GCM_16_128/AUTH_NONE/<N/A>
163 1 Andreas Steffen
 
164 17 Andreas Steffen
!#2: "suiteB-256" STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3579s; newest IPSEC; eroute owner
165 17 Andreas Steffen
!#2: "suiteB-256" esp.aa4cf272@10.10.0.6 (180 bytes, 16s ago) esp.cdf37664@10.10.0.1 (240 bytes, 16s ago); tunnel
166 17 Andreas Steffen
!#1: "suiteB-256" STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_EXPIRE in 28778s; newest ISAKMP
167 17 Andreas Steffen
168 16 Andreas Steffen
</pre>
169 16 Andreas Steffen
170 22 Andreas Steffen
h2. 3 Suite B with 192 Bit Security
171 16 Andreas Steffen
172 22 Andreas Steffen
h3. 3.1 Windows Connection Security Rule
173 16 Andreas Steffen
174 18 Andreas Steffen
We create a "VPN Suite B 384" security rule:
175 18 Andreas Steffen
176 18 Andreas Steffen
!advfirewall_security_rule_384.png!
177 18 Andreas Steffen
178 18 Andreas Steffen
The following command sets the IKEv1 Quick Mode algorithms in the rule "VPN Suite B 384":
179 18 Andreas Steffen
180 1 Andreas Steffen
<pre>
181 18 Andreas Steffen
netsh advfirewall consec set rule name="VPN Suite B 384" new qmsecmethods=esp:aesgcm128-aesgcm128,esp:aesgcm192-aesgcm192,esp:aesgcm256-aesgcm256
182 18 Andreas Steffen
</pre>
183 1 Andreas Steffen
184 18 Andreas Steffen
The current rule settings are shown with the following command:
185 18 Andreas Steffen
186 18 Andreas Steffen
<pre>
187 18 Andreas Steffen
netsh advfirewall consec show rule name="VPN Suite B 384"
188 18 Andreas Steffen
189 16 Andreas Steffen
Rule Name:                            VPN Suite B 384
190 16 Andreas Steffen
----------------------------------------------------------------------
191 16 Andreas Steffen
Enabled:                              Yes
192 16 Andreas Steffen
Profiles:                             Domain,Private,Public
193 16 Andreas Steffen
Type:                                 Static
194 16 Andreas Steffen
Mode:                                 Tunnel
195 16 Andreas Steffen
LocalTunnelEndpoint:                  10.10.0.6
196 16 Andreas Steffen
RemoteTunnelEndpoint:                 10.10.0.1
197 16 Andreas Steffen
Endpoint1:                            10.10.0.6/32
198 16 Andreas Steffen
Endpoint2:                            10.10.1.0/24
199 16 Andreas Steffen
Protocol:                             Any
200 16 Andreas Steffen
Action:                               RequireInRequireOut
201 16 Andreas Steffen
Auth1:                                ComputerCertECDSAP384
202 16 Andreas Steffen
Auth1ECDSAP384CAName:                 C=CH, O=strongSec GmbH, CN=strongSec 2007 CA
203 16 Andreas Steffen
Auth1ECDSAP384CertMapping:            No
204 16 Andreas Steffen
Auth1ECDSAP384ExcludeCAName:          No
205 16 Andreas Steffen
Auth1ECDSAP384CertType:               Root
206 16 Andreas Steffen
Auth1ECDSAP384HealthCert:             No
207 16 Andreas Steffen
MainModeSecMethods:                   ECDHP256-AES128-SHA256,ECDHP384-AES192-SHA384,DHGroup14-AES128-SHA1
208 16 Andreas Steffen
QuickModeSecMethods:                  ESP:AESGCM128-AESGCM128+60min+100000kb,ESP:AESGCM192-AESGCM192+60min+100000kb,ESP:AESGCM256-AESGCM256+60min+100000kb
209 16 Andreas Steffen
ExemptIPsecProtectedConnections:      No
210 16 Andreas Steffen
ApplyAuthorization:                   No
211 1 Andreas Steffen
Ok.
212 19 Andreas Steffen
</pre>
213 19 Andreas Steffen
214 22 Andreas Steffen
h3. 3.2 strongSwan Connection Definition
215 19 Andreas Steffen
216 19 Andreas Steffen
On the strongSwan side the following entries are required in ipsec.conf for 192 bit security:
217 19 Andreas Steffen
218 19 Andreas Steffen
<pre>
219 19 Andreas Steffen
conn suiteB-384
220 19 Andreas Steffen
     leftcert=koala_ec384Cert.pem
221 19 Andreas Steffen
     rightid="C=CH, O=strongSec GmbH, OU=ECDSA-384, CN=bonsai.strongsec.com"
222 19 Andreas Steffen
     ike=aes192-sha384-ecp384!
223 19 Andreas Steffen
     esp=aes192gcm16!
224 19 Andreas Steffen
     also=suiteB
225 19 Andreas Steffen
     auto=add
226 16 Andreas Steffen
</pre>
227 16 Andreas Steffen
228 22 Andreas Steffen
h3. 3.3 Windows Security Association Monitoring
229 1 Andreas Steffen
230 18 Andreas Steffen
Pinging host 10.10.1.11 behind the Linux VPN gateway from the Windows host triggers the IKEv1 tunnel setup.
231 18 Andreas Steffen
The following Windows status information is available for the Main Mode:
232 1 Andreas Steffen
233 18 Andreas Steffen
!advfirewall_main_mode_192.png!
234 18 Andreas Steffen
235 18 Andreas Steffen
and the established Quick Mode:
236 18 Andreas Steffen
237 18 Andreas Steffen
!advfirewall_quick_mode_192.png!
238 18 Andreas Steffen
239 22 Andreas Steffen
h3. 3.4 strongSwan IPsec Status Information
240 18 Andreas Steffen
241 1 Andreas Steffen
Here the resulting status output on the Linux side:
242 18 Andreas Steffen
243 18 Andreas Steffen
<pre>
244 18 Andreas Steffen
root@koala:~# ipsec statusall suiteB-384
245 18 Andreas Steffen
246 18 Andreas Steffen
Status of IKEv1 pluto daemon (strongSwan 4.3.3):
247 18 Andreas Steffen
interface eth1/eth1 10.10.0.1:4500
248 18 Andreas Steffen
interface eth1/eth1 10.10.0.1:500
249 18 Andreas Steffen
loaded plugins: curl test-vectors aes des sha1 sha2 md5 gmp openssl pubkey random hmac 
250 18 Andreas Steffen
debug options: control
251 18 Andreas Steffen
252 18 Andreas Steffen
"suiteB-384": 10.10.1.0/24===10.10.0.1[@koala.strongsec.com]...10.10.0.6[C=CH, O=strongSec GmbH, OU=ECDSA-384, CN=bonsai.strongsec.com]; erouted; eroute owner: !#6
253 18 Andreas Steffen
"suiteB-384":   CAs: 'C=CH, O=strongSec GmbH, CN=strongSec 2007 CA'...'C=CH, O=strongSec GmbH, CN=strongSec 2007 CA'
254 18 Andreas Steffen
"suiteB-384":   ike_life: 10800s; ipsec_life: 3600s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
255 18 Andreas Steffen
"suiteB-384":   dpd_action: clear; dpd_delay: 300s; dpd_timeout: 150s;
256 18 Andreas Steffen
"suiteB-384":   policy: PUBKEY+ENCRYPT+TUNNEL+DONTREKEY; prio: 24,32; interface: eth1; 
257 18 Andreas Steffen
"suiteB-384":   newest ISAKMP SA: !#5; newest IPsec SA: !#6; 
258 18 Andreas Steffen
"suiteB-384":   IKE proposal: AES_CBC_192/HMAC_SHA2_384/ECP_384
259 18 Andreas Steffen
"suiteB-384":   ESP proposal: AES_GCM_16_192/AUTH_NONE/<N/A>
260 18 Andreas Steffen
261 18 Andreas Steffen
!#6: "suiteB-384" STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3591s; newest IPSEC; eroute owner
262 18 Andreas Steffen
!#6: "suiteB-384" esp.f54365c2@10.10.0.6 (180 bytes, 4s ago) esp.9f80bd7e@10.10.0.1 (240 bytes, 4s ago); tunnel
263 18 Andreas Steffen
!#5: "suiteB-384" STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_EXPIRE in 28790s; newest ISAKMP
264 18 Andreas Steffen
</pre>