
StrongSwan VPN server does not connect with client

Server Fault user
Asked on 2021-01-22 17:34:35
Answers: 1  Views: 4.4K  Followers: 0  Votes: 2

Linux is Ubuntu 18.04 running in Google Cloud. I followed this excellent tutorial to configure the StrongSwan server:

https://www.digitalocean.com/community/tutorials/how-to-set-up-an-ikev2-vpn-server-with-strongswan-on-ubuntu-18-04-2

I opened ports UDP 500 and 4500 in Google Cloud and enabled logging for the charon daemon. Most things seem to go as planned until I try to connect from a Windows 10 VPN connection, which fails with a "Policy match error". After the failed connection attempt, the charon log file (at level 1) contains the following:

Jan 22 17:17:40 00[DMN] Starting IKE charon daemon (strongSwan 5.6.2, Linux 5.4.0-1034-gcp, x86_64)
Jan 22 17:17:40 00[CFG] PKCS11 module '<name>' lacks library path
Jan 22 17:17:40 00[CFG] disabling load-tester plugin, not configured
Jan 22 17:17:40 00[LIB] plugin 'load-tester': failed to load - load_tester_plugin_create returned NULL
Jan 22 17:17:40 00[CFG] dnscert plugin is disabled
Jan 22 17:17:40 00[CFG] ipseckey plugin is disabled
Jan 22 17:17:40 00[CFG] attr-sql plugin: database URI not set
Jan 22 17:17:40 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Jan 22 17:17:40 00[CFG]   loaded ca certificate "CN=VPN root CA" from '/etc/ipsec.d/cacerts/ca-cert.pem'
Jan 22 17:17:40 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Jan 22 17:17:40 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Jan 22 17:17:40 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Jan 22 17:17:40 00[CFG] loading crls from '/etc/ipsec.d/crls'
Jan 22 17:17:40 00[CFG] loading secrets from '/etc/ipsec.secrets'
Jan 22 17:17:40 00[CFG]   loaded RSA private key from '/etc/ipsec.d/private/server-key.pem'
Jan 22 17:17:40 00[CFG]   loaded EAP secret for ejohanson
Jan 22 17:17:40 00[CFG] sql plugin: database URI not set
Jan 22 17:17:40 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
Jan 22 17:17:40 00[CFG] eap-simaka-sql database URI missing
Jan 22 17:17:40 00[CFG] loaded 0 RADIUS server configurations
Jan 22 17:17:40 00[CFG] HA config misses local/remote address
Jan 22 17:17:40 00[CFG] no threshold configured for systime-fix, disabled
Jan 22 17:17:40 00[CFG] coupling file path unspecified
Jan 22 17:17:40 00[LIB] loaded plugins: charon test-vectors unbound ldap pkcs11 tpm aesni aes rc2 sha2 sha1 md4 md5 mgf1 rdrand random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey dnscert ipseckey pem openssl gcrypt af-alg fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ctr ccm gcm ntru bliss curl soup mysql sqlite attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp whitelist lookip error-notify certexpire led radattr addrblock unity counters
Jan 22 17:17:40 00[LIB] dropped capabilities, running as uid 0, gid 0
Jan 22 17:17:40 00[JOB] spawning 16 worker threads
Jan 22 16:50:23 05[CFG] received stroke: add connection 'ikev2-vpn'
Jan 22 16:50:23 05[CFG] adding virtual IP address pool 10.10.11.0/16
Jan 22 16:50:23 05[CFG]   loaded certificate "CN=devsrv.valmarc.com" from 'server-cert.pem'
Jan 22 16:50:23 05[CFG] added configuration 'ikev2-vpn'
Jan 22 16:50:32 07[KNL] interface ens7 activated
Jan 22 16:50:32 10[KNL] interface ens6 activated
Jan 22 16:50:32 13[KNL] interface ens5 activated
Jan 22 16:50:32 10[KNL] 10.4.1.2 appeared on ens7
Jan 22 16:50:32 07[KNL] 10.3.1.2 appeared on ens6
Jan 22 16:50:33 12[KNL] 10.2.1.2 appeared on ens5
Jan 22 16:50:33 06[KNL] fe80::4001:aff:fe04:102 appeared on ens7
Jan 22 16:50:33 16[KNL] fe80::4001:aff:fe02:102 appeared on ens5
Jan 22 16:50:34 08[KNL] fe80::4001:aff:fe03:102 appeared on ens6
Jan 22 16:53:42 01[NET] received packet: from 73.249.XXX.YYY[500] to 10.1.1.2[500] (1104 bytes)
Jan 22 16:53:42 01[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(FRAG_SUP) N(NATD_S_IP) N(NATD_D_IP) V V V V ]
Jan 22 16:53:42 01[IKE] received MS NT5 ISAKMPOAKLEY v9 vendor ID
Jan 22 16:53:42 01[IKE] received MS-Negotiation Discovery Capable vendor ID
Jan 22 16:53:42 01[IKE] received Vid-Initial-Contact vendor ID
Jan 22 16:53:42 01[ENC] received unknown vendor ID: 01:52:8b:bb:c0:06:96:12:18:49:ab:9a:1c:5b:2a:51:00:00:00:02
Jan 22 16:53:42 01[IKE] 73.249.XXX.YYY is initiating an IKE_SA
Jan 22 16:53:42 01[CFG] received proposals: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:3DES_CBC/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC_128/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_CBC_192/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_192/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC_192/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC_256/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_GCM_16_128/PRF_HMAC_SHA1/MODP_1024, IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_GCM_16_128/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_GCM_16_256/PRF_HMAC_SHA1/MODP_1024, IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_GCM_16_256/PRF_HMAC_SHA2_384/MODP_1024
Jan 22 16:53:42 01[CFG] configured proposals: IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/3DES_CBC/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/AES_XCBC_96/AES_CMAC_96/HMAC_SHA1_96/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/NTRU_128/NTRU_192/NTRU_256/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048, IKE:AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/CHACHA20_POLY1305_256/CAMELLIA_CCM_16_128/CAMELLIA_CCM_16_192/CAMELLIA_CCM_16_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/CAMELLIA_CCM_8_128/CAMELLIA_CCM_8_192/CAMELLIA_CCM_8_256/CAMELLIA_CCM_12_128/CAMELLIA_CCM_12_192/CAMELLIA_CCM_12_256/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/NTRU_128/NTRU_192/NTRU_256/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048
Jan 22 16:53:42 01[IKE] local host is behind NAT, sending keep alives
Jan 22 16:53:42 01[IKE] remote host is behind NAT
Jan 22 16:53:42 01[IKE] received proposals inacceptable
Jan 22 16:53:42 01[ENC] generating IKE_SA_INIT response 0 [ N(NO_PROP) ]
Jan 22 16:53:42 01[NET] sending packet: from 10.1.1.2[500] to 73.249.XXX.YYY[500] (36 bytes)

For reference, here is my /etc/ipsec.conf file:

config setup
        charondebug="ike 1, knl 1, cfg 0"
        uniqueids=no

conn ikev2-vpn
        auto=add
        compress=no
        type=tunnel
        keyexchange=ikev2
        fragmentation=yes
        forceencaps=yes
        dpdaction=clear
        dpddelay=300s
        rekey=no
        left=%any
        leftid=@ZZZZZ.example.com
        leftcert=server-cert.pem
        leftsendcert=always
        leftsubnet=0.0.0.0/0
        right=%any
        rightid=%any
        rightauth=eap-mschapv2
        rightsourceip=10.10.11.0/16
        rightdns=8.8.8.8,8.8.4.4
        rightsendcert=never
        eap_identity=%identity

Can anyone suggest how to solve this problem?

1 Answer

Server Fault user

Accepted answer

Posted on 2021-01-25 10:35:33

The problem is that the IKE proposals don't match:

Jan 22 16:53:42 01[CFG] received proposals: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:3DES_CBC/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC_128/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_CBC_192/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_192/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC_192/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC_256/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_GCM_16_128/PRF_HMAC_SHA1/MODP_1024, IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_GCM_16_128/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_GCM_16_256/PRF_HMAC_SHA1/MODP_1024, IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_GCM_16_256/PRF_HMAC_SHA2_384/MODP_1024
Jan 22 16:53:42 01[CFG] configured proposals: IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/3DES_CBC/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/AES_XCBC_96/AES_CMAC_96/HMAC_SHA1_96/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/NTRU_128/NTRU_192/NTRU_256/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048, IKE:AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/CHACHA20_POLY1305_256/CAMELLIA_CCM_16_128/CAMELLIA_CCM_16_192/CAMELLIA_CCM_16_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/CAMELLIA_CCM_8_128/CAMELLIA_CCM_8_192/CAMELLIA_CCM_8_256/CAMELLIA_CCM_12_128/CAMELLIA_CCM_12_192/CAMELLIA_CCM_12_256/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/NTRU_128/NTRU_192/NTRU_256/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048
Jan 22 16:53:42 01[IKE] local host is behind NAT, sending keep alives
Jan 22 16:53:42 01[IKE] remote host is behind NAT
Jan 22 16:53:42 01[IKE] received proposals inacceptable
Jan 22 16:53:42 01[ENC] generating IKE_SA_INIT response 0 [ N(NO_PROP) ]

This is because, by default, the Windows client proposes the weak MODP_1024 Diffie-Hellman group, which strongSwan removed from its default proposals several years ago.

You can either modify the client so that it uses a stronger DH group (preferred), or modify the server's configuration so that it accepts the weak group the client proposes. See my earlier answer for details.

Votes: 1
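As an added diagnostic example (not part of the question or the answer above), the following Python script parses the two charon proposal lines and reports which IKEv2 transform type has no overlap between what the client offered and what the server accepts. The two log lines embedded in it are constructed, shortened versions of the ones quoted in the question; the transform-type classification relies on strongSwan's algorithm naming (MODP_/ECP_/CURVE_/NTRU_ for DH groups, PRF_ for PRFs, HMAC_ or a _96 suffix for integrity).

```python
import re

# Constructed, shortened versions of the two charon log lines quoted in the question.
RECEIVED_LINE = ("Jan 22 16:53:42 01[CFG] received proposals: "
                 "IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, "
                 "IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, "
                 "IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_1024")
CONFIGURED_LINE = ("Jan 22 16:53:42 01[CFG] configured proposals: "
                   "IKE:AES_CBC_128/AES_CBC_256/3DES_CBC/HMAC_SHA2_256_128/HMAC_SHA1_96/"
                   "PRF_HMAC_SHA2_256/PRF_HMAC_SHA1/ECP_256/MODP_3072/MODP_2048, "
                   "IKE:AES_GCM_16_128/AES_GCM_16_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA1/"
                   "ECP_256/MODP_3072/MODP_2048")

def transform_type(name):
    """Classify a strongSwan transform name into its IKEv2 transform type."""
    if name.startswith(("MODP_", "ECP_", "CURVE_", "NTRU_")):
        return "dh"
    if name.startswith("PRF_"):
        return "prf"
    if name.startswith("HMAC_") or name.endswith("_96"):  # incl. AES_XCBC_96, AES_CMAC_96
        return "integ"
    return "enc"  # AES_CBC/CTR/GCM/CCM, 3DES_CBC, CAMELLIA_*, CHACHA20_POLY1305_*

def parse_proposals(line):
    """Return one {type: set(names)} dict per 'IKE:...' proposal on the line."""
    proposals = []
    for prop in re.search(r"proposals: (.*)$", line).group(1).split(", "):
        groups = {}
        for name in prop.split(":", 1)[1].split("/"):
            groups.setdefault(transform_type(name), set()).add(name)
        proposals.append(groups)
    return proposals

def matches(received, configured):
    """Same transform types on both sides, and each client choice is in the server's set."""
    return received.keys() == configured.keys() and all(
        received[t] <= configured[t] for t in received)

def diagnose(received_line, configured_line):
    """[] if some client proposal is acceptable, else the types with no overlap at all."""
    rcv, cfg = parse_proposals(received_line), parse_proposals(configured_line)
    if any(matches(r, c) for r in rcv for c in cfg):
        return []
    missing = []
    for t in ("enc", "integ", "prf", "dh"):
        offered = set().union(*(r.get(t, set()) for r in rcv))
        accepted = set().union(*(c.get(t, set()) for c in cfg))
        if offered and not offered & accepted:
            missing.append(t)
    return missing  # for the question's log this is ['dh']: only MODP_1024 was offered
```

When the result is only `dh`, the fix is the one the answer describes: move the client to a DH group the server already accepts rather than weakening the server's proposal list.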
Original content provided by Server Fault; translation supported by Tencent Cloud's Xiaowei IT-domain engine.
Original link: https://serverfault.com/questions/1050838
