hwdsl2 / setup-ipsec-vpn

Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

Error processing Signature payload #1206

Closed ghost closed 2 years ago

ghost commented 2 years ago

Attempting to connect from Windows 11 native VPN client to an IKEv2 server on Alma Linux 9 produces an error message:

Can't connect to ikev2

Error processing Signature payload

Windows Event Viewer says the user dialed a connection named ikev2 which has failed. The error code returned on failure is 13838.

ghost commented 2 years ago

From the IPsec log on the server:

#1: proposal 2:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA1_96;PRF=HMAC_SHA1;DH=MODP2048[first-match] 2:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_256_128;PRF=HMAC_SHA2_256;DH=MODP2048[better-match] 3:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_384_192;PRF=HMAC_SHA2_384;DH=MODP2048

#1: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}

#2: proposal 2:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA1_96;PRF=HMAC_SHA1;DH=MODP2048[first-match] 2:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_256_128;PRF=HMAC_SHA2_256;DH=MODP2048[better-match] 3:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_384_192;PRF=HMAC_SHA2_384;DH=MODP2048

#2: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
INFORMATIONAL request has no corresponding IKE SA; message dropped

#3: proposal 2:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA1_96;PRF=HMAC_SHA1;DH=MODP2048[first-match] 2:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_256_128;PRF=HMAC_SHA2_256;DH=MODP2048[better-match] 3:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_384_192;PRF=HMAC_SHA2_384;DH=MODP2048

#3: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}

#3: processing decrypted IKE_AUTH request: SK{IDi,CERT,CERTREQ,AUTH,N(MOBIKE_SUPPORTED),CP,SA,TSi,TSr}

#3: ignoring CERTREQ payload that is not ASN1: number of length octets overflows size_t

#3: reloaded private key matching left certificate '168.235.81.164'

#3: responder established IKE SA; authenticated using PKCS#1 1.5 RSA with SHA1 and peer certificate 'CN=vpnclient, O=IKEv2 VPN' issued by CA 'CN=IKEv2 VPN CA, O=IKEv2 VPN'

#3: NSS: SGN_Digest(SHA-1) function failed: SEC_ERROR_SIGNATURE_ALGORITHM_DISABLED: Could not create or verify a signature using a signature algorithm that is disabled because it is not secure.

pool 192.168.43.10-192.168.43.250: growing address pool from 0 to 1

#4: proposal 2:ESP=AES_CBC_128-HMAC_SHA1_96-DISABLED SPI=eed72b56 chosen from remote proposals 1:ESP:ENCR=AES_CBC_256;INTEG=HMAC_SHA1_96;ESN=DISABLED[first-match] 2:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA1_96;ESN=DISABLED[better-match] 3:ESP:ENCR=3DES;INTEG=HMAC_SHA1_96;ESN=DISABLED 4:ESP:ENCR=DES(UNUSED);INTEG=HMAC_SHA1_96;ESN=DISABLED 5:ESP:ENCR=NULL;INTEG=HMAC_SHA1_96;ESN=DISABLED

#4: responder established Child SA using #3; IPsec tunnel [0.0.0.0-255.255.255.255:0-65535 0] -> [192.168.43.10-192.168.43.10:0-65535 0] {ESPinUDP=>0xeed72b56 <0x271eeb08 xfrm=AES_CBC_128-HMAC_SHA1_96 NATD=XX.XX.XX.XX:4500 DPD=active}

Possibly it is relevant that SEC_ERROR_SIGNATURE_ALGORITHM_DISABLED: Could not create or verify a signature using a signature algorithm that is disabled because it is not secure

hwdsl2 commented 2 years ago

@logyxis Thank you for reporting this issue and providing the logs. I was able to reproduce this issue on a server with AlmaLinux 9. The root cause is that this OS comes with a newer NSS version that disallows the SHA1 signature algorithm.

To fix, edit file /etc/crypto-policies/back-ends/nss.config on your VPN server. Find the line:

config="disallow=ALL allow=HMAC-SHA256:HMAC-SHA1 ...

Insert SHA1: so that the line becomes:

config="disallow=ALL allow=SHA1:HMAC-SHA256:HMAC-SHA1 ...

Save the file and run sudo service ipsec restart. Then re-connect the VPN client.
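The diagnosis and edit described in the comment above, as an added shell example (not part of the original thread or the project's scripts): it looks for the NSS error in a saved IPsec log, tests whether the allow list already carries a bare `SHA1` token (`HMAC-SHA1` does not count), and inserts it once, keeping a `.bak` copy. The function names and the `NSS_CONFIG` variable are assumptions of this example.

```shell
#!/bin/sh
# Added example. Path taken from the comment above; override NSS_CONFIG to test on a copy.
NSS_CONFIG="${NSS_CONFIG:-/etc/crypto-policies/back-ends/nss.config}"

# True if a saved IPsec log contains the NSS "algorithm disabled" error.
log_shows_sha1_disabled() {
    grep -q 'SEC_ERROR_SIGNATURE_ALGORITHM_DISABLED' "$1"
}

# Print the colon-separated allow list from the config="disallow=ALL allow=..." line.
nss_allow_list() {
    sed -n 's/^config=.* allow=\([^ "]*\).*/\1/p' "$1" | head -n 1
}

# True only if SHA1 appears as a whole token; HMAC-SHA1 alone is not a match.
nss_allows_sha1() {
    case ":$(nss_allow_list "$1"):" in
        *:SHA1:*) return 0 ;;
        *)        return 1 ;;
    esac
}

# Insert "SHA1:" right after "allow=", once. Returns 2 if no allow list is found.
nss_insert_sha1() {
    nss_allows_sha1 "$1" && return 0              # already allowed: leave file alone
    [ -n "$(nss_allow_list "$1")" ] || return 2   # unexpected file format
    cp -p "$1" "$1.bak" || return 1               # keep the original for rollback
    sed 's/^\(config=.* allow=\)/\1SHA1:/' "$1.bak" > "$1"
}

# Usage (as root):
#   nss_allows_sha1 "$NSS_CONFIG" || nss_insert_sha1 "$NSS_CONFIG"
```

After the edit, restart the service with `sudo service ipsec restart` as the comment says; the `.bak` file restores the previous policy if the change needs to be reverted.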

chenj-freedom commented 1 year ago

On Win10, I still have this problem. My VPN server is CentOS 7, and I can't find the file '/etc/crypto-policies/back-ends/nss.config'. Could you give me some advice?

letoams commented 1 year ago

On Wed, 8 Mar 2023, chenj_freedom wrote:

> On Win10, still have this problem. My VPN server is centOS7, and I can't find '/etc/crypto-policies/back-ends/nss.config' this file. Could you give me some advice?

If your system does not have crypto-policies, then just delete the line that is trying to include that. It is only changing the set of defaults and libreswan has strong builtin defaults already.

chenj-freedom commented 1 year ago

> On Wed, 8 Mar 2023, chenj_freedom wrote:
>
> > On Win10, still have this problem. My VPN server is centOS7, and I can't find '/etc/crypto-policies/back-ends/nss.config' this file. Could you give me some advice?
>
> If your system does not have crypto-policies, then just delete the line that is trying to include that. It is only changing the set of defaults and libreswan has strong builtin defaults already.

I can't find '/etc/crypto-policies/back-ends/nss.config' in my CentOS7. Where should I delete the line?

letoams commented 1 year ago

On Wed, 8 Mar 2023, chenj_freedom wrote:

> I can't find '/etc/crypto-policies/back-ends/nss.config' in my CentOS7. where should I delete the line?

/etc/ipsec.conf