IPsec errors

I’m using Ubuntu Server 16.04 LTS with strongSwan. The VPN setup is IPsec IKEv2 based on https://github.com/trailofbits/algo (slightly adjusted). It works well when connecting as an IKEv2 client from macOS, iOS or Windows.
The MikroTik is a hAP ac with RouterOS 6.42.1.

I see that the Phase 1 and 2 ciphers are matching now, the client authenticates with a certificate and there are no errors on the strongSwan side, but somehow I’m still getting “peer wants unsupported auth method: 9”.
It was the same error when there was a problem with mismatching ciphers, but now I can’t see what’s wrong.

strongSwan log

May 21 21:13:03 ubuntu-server charon: 06[NET] received packet: from <CLIENT.IP.HERE>[9542] to <SERVER.IP.HERE>[4500]
May 21 21:13:03 ubuntu-server charon: 09[MGR] checkout IKE_SA by message
May 21 21:13:03 ubuntu-server charon: 09[MGR] created IKE_SA (unnamed)[3]
May 21 21:13:03 ubuntu-server charon: 09[NET] received packet: from <CLIENT.IP.HERE>[9542] to <SERVER.IP.HERE>[4500] (232 bytes)
May 21 21:13:03 ubuntu-server charon: 09[ENC] parsed IKE_SA_INIT request 0 [ N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
May 21 21:13:03 ubuntu-server charon: 09[CFG] looking for an ike config for <SERVER.IP.HERE>...<CLIENT.IP.HERE>
May 21 21:13:03 ubuntu-server charon: 09[CFG]   candidate: %any...%any, prio 28
May 21 21:13:03 ubuntu-server charon: 09[CFG] found matching ike config: %any...%any with prio 28
May 21 21:13:03 ubuntu-server charon: 09[IKE] <CLIENT.IP.HERE> is initiating an IKE_SA
May 21 21:13:03 ubuntu-server charon: 09[IKE] IKE_SA (unnamed)[3] state change: CREATED => CONNECTING
May 21 21:13:03 ubuntu-server charon: 09[CFG] selecting proposal:
May 21 21:13:03 ubuntu-server charon: 09[CFG]   no acceptable ENCRYPTION_ALGORITHM found
May 21 21:13:03 ubuntu-server charon: 09[CFG] selecting proposal:
May 21 21:13:03 ubuntu-server charon: 09[CFG]   proposal matches
May 21 21:13:03 ubuntu-server charon: 09[CFG] received proposals: IKE:AES_CBC_128/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/ECP_256
May 21 21:13:03 ubuntu-server charon: 09[CFG] configured proposals: IKE:AES_GCM_16_128/PRF_HMAC_SHA2_512/ECP_256, IKE:AES_CBC_128/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/ECP_256, IKE:AES_CBC_128/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/ECP_256
May 21 21:13:03 ubuntu-server charon: 09[CFG] selected proposal: IKE:AES_CBC_128/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/ECP_256
May 21 21:13:03 ubuntu-server charon: 09[IKE] remote host is behind NAT
May 21 21:13:03 ubuntu-server charon: 09[IKE] sending cert request for "CN=<SERVER.IP.HERE>"
May 21 21:13:03 ubuntu-server charon: 09[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ]
May 21 21:13:03 ubuntu-server charon: 09[NET] sending packet: from <SERVER.IP.HERE>[4500] to <CLIENT.IP.HERE>[9542] (273 bytes)
May 21 21:13:03 ubuntu-server charon: 09[MGR] checkin IKE_SA (unnamed)[3]
May 21 21:13:03 ubuntu-server charon: 09[MGR] check-in of IKE_SA successful.
May 21 21:13:03 ubuntu-server charon: 07[NET] sending packet: from <SERVER.IP.HERE>[4500] to <CLIENT.IP.HERE>[9542]
May 21 21:13:03 ubuntu-server charon: 06[NET] waiting for data on sockets
May 21 21:13:03 ubuntu-server charon: 06[NET] received packet: from <CLIENT.IP.HERE>[9542] to <SERVER.IP.HERE>[4500]
May 21 21:13:03 ubuntu-server charon: 02[MGR] checkout IKE_SA by message
May 21 21:13:03 ubuntu-server charon: 02[MGR] IKE_SA (unnamed)[3] successfully checked out
May 21 21:13:03 ubuntu-server charon: 02[NET] received packet: from <CLIENT.IP.HERE>[9542] to <SERVER.IP.HERE>[4500] (1248 bytes)
May 21 21:13:03 ubuntu-server charon: 02[ENC] parsed IKE_AUTH request 1 [ IDi AUTH CERT CERTREQ N(INIT_CONTACT) SA TSi TSr CPRQ(ADDR MASK SUBNET DNS) ]
May 21 21:13:03 ubuntu-server charon: 02[IKE] received end entity cert "CN=ealeks-rsa"
May 21 21:13:03 ubuntu-server charon: 02[CFG] looking for peer configs matching <SERVER.IP.HERE>[%any]...<CLIENT.IP.HERE>[CN=ealeks-rsa]
May 21 21:13:03 ubuntu-server charon: 02[CFG]   candidate "ikev2-pubkey", match: 1/1/28 (me/other/ike)
May 21 21:13:03 ubuntu-server charon: 02[CFG] selected peer config 'ikev2-pubkey'
May 21 21:13:03 ubuntu-server charon: 02[CFG]   using certificate "CN=ealeks-rsa"
May 21 21:13:03 ubuntu-server charon: 02[CFG]   certificate "CN=ealeks-rsa" key: 2048 bit RSA
May 21 21:13:03 ubuntu-server charon: 02[CFG]   using trusted ca certificate "CN=<SERVER.IP.HERE>"
May 21 21:13:03 ubuntu-server charon: 02[CFG] checking certificate status of "CN=ealeks-rsa"
May 21 21:13:03 ubuntu-server charon: 02[CFG] ocsp check skipped, no ocsp found
May 21 21:13:03 ubuntu-server charon: 02[CFG] certificate status is not available
May 21 21:13:03 ubuntu-server charon: 02[CFG]   certificate "CN=<SERVER.IP.HERE>" key: 256 bit ECDSA
May 21 21:13:03 ubuntu-server charon: 02[CFG]   reached self-signed root ca with a path length of 0
May 21 21:13:03 ubuntu-server charon: 02[IKE] authentication of 'CN=ealeks-rsa' with RSA signature successful
May 21 21:13:03 ubuntu-server charon: 02[IKE] processing INTERNAL_IP4_ADDRESS attribute
May 21 21:13:03 ubuntu-server charon: 02[IKE] processing INTERNAL_IP4_NETMASK attribute
May 21 21:13:03 ubuntu-server charon: 02[IKE] processing INTERNAL_IP4_SUBNET attribute
May 21 21:13:03 ubuntu-server charon: 02[IKE] processing INTERNAL_IP4_DNS attribute
May 21 21:13:03 ubuntu-server charon: 02[IKE] authentication of '<SERVER.IP.HERE>' (myself) with ECDSA-256 signature successful
May 21 21:13:03 ubuntu-server charon: 02[IKE] IKE_SA ikev2-pubkey[3] established between <SERVER.IP.HERE>[<SERVER.IP.HERE>]...<CLIENT.IP.HERE>[CN=ealeks-rsa]
May 21 21:13:03 ubuntu-server charon: 02[IKE] IKE_SA ikev2-pubkey[3] state change: CONNECTING => ESTABLISHED
May 21 21:13:03 ubuntu-server charon: 02[IKE] sending end entity cert "CN=<SERVER.IP.HERE>"
May 21 21:13:03 ubuntu-server charon: 02[IKE] peer requested virtual IP %any
May 21 21:13:03 ubuntu-server charon: 02[CFG] reassigning offline lease to 'CN=ealeks-rsa'
May 21 21:13:03 ubuntu-server charon: 02[IKE] assigning virtual IP 10.19.48.1 to peer 'CN=ealeks-rsa'
May 21 21:13:03 ubuntu-server charon: 02[IKE] building INTERNAL_IP4_DNS attribute
May 21 21:13:03 ubuntu-server charon: 02[CFG] looking for a child config for 0.0.0.0/0 === 0.0.0.0/0
May 21 21:13:03 ubuntu-server charon: 02[CFG] proposing traffic selectors for us:
May 21 21:13:03 ubuntu-server charon: 02[CFG]  0.0.0.0/0
May 21 21:13:03 ubuntu-server charon: 02[CFG]  ::/0
May 21 21:13:03 ubuntu-server charon: 02[CFG] proposing traffic selectors for other:
May 21 21:13:03 ubuntu-server charon: 02[CFG]  10.19.48.1/32
May 21 21:13:03 ubuntu-server charon: 02[CFG]   candidate "ikev2-pubkey" with prio 5+1
May 21 21:13:03 ubuntu-server charon: 02[CFG] found matching child config "ikev2-pubkey" with prio 6
May 21 21:13:03 ubuntu-server charon: 02[CFG] selecting proposal:
May 21 21:13:03 ubuntu-server charon: 02[CFG]   no acceptable ENCRYPTION_ALGORITHM found
May 21 21:13:03 ubuntu-server charon: 02[CFG] selecting proposal:
May 21 21:13:03 ubuntu-server charon: 02[CFG]   no acceptable PSEUDO_RANDOM_FUNCTION found
May 21 21:13:03 ubuntu-server charon: 02[CFG] selecting proposal:
May 21 21:13:03 ubuntu-server charon: 02[CFG]   proposal matches
May 21 21:13:03 ubuntu-server charon: 02[CFG] received proposals: ESP:AES_CBC_128/HMAC_SHA2_512_256/NO_EXT_SEQ
May 21 21:13:03 ubuntu-server charon: 02[CFG] configured proposals: ESP:AES_GCM_16_128/ECP_256/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/ECP_256/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_512_256/NO_EXT_SEQ
May 21 21:13:03 ubuntu-server charon: 02[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA2_512_256/NO_EXT_SEQ
May 21 21:13:03 ubuntu-server charon: 02[KNL] got SPI c4f27f7b
May 21 21:13:03 ubuntu-server charon: 02[CFG] selecting traffic selectors for us:
May 21 21:13:03 ubuntu-server charon: 02[CFG]  config: 0.0.0.0/0, received: 0.0.0.0/0 => match: 0.0.0.0/0
May 21 21:13:03 ubuntu-server charon: 02[CFG]  config: ::/0, received: 0.0.0.0/0 => no match
May 21 21:13:03 ubuntu-server charon: 02[CFG] selecting traffic selectors for other:
May 21 21:13:03 ubuntu-server charon: 02[CFG]  config: 10.19.48.1/32, received: 0.0.0.0/0 => match: 10.19.48.1/32
May 21 21:13:03 ubuntu-server charon: 02[KNL] adding SAD entry with SPI c4f27f7b and reqid {3}  (mark 0/0x00000000)
May 21 21:13:03 ubuntu-server charon: 02[KNL]   using encryption algorithm AES_CBC with key size 128
May 21 21:13:03 ubuntu-server charon: 02[KNL]   using integrity algorithm HMAC_SHA2_512_256 with key size 512
May 21 21:13:03 ubuntu-server charon: 02[KNL]   using replay window of 32 packets
May 21 21:13:03 ubuntu-server charon: 02[KNL] adding SAD entry with SPI 02415495 and reqid {3}  (mark 0/0x00000000)
May 21 21:13:03 ubuntu-server charon: 02[KNL]   using encryption algorithm AES_CBC with key size 128
May 21 21:13:03 ubuntu-server charon: 02[KNL]   using integrity algorithm HMAC_SHA2_512_256 with key size 512
May 21 21:13:03 ubuntu-server charon: 02[KNL]   using replay window of 32 packets
May 21 21:13:03 ubuntu-server charon: 02[KNL] adding policy 0.0.0.0/0 === 10.19.48.1/32 out  (mark 0/0x00000000)
May 21 21:13:03 ubuntu-server charon: 02[KNL] adding policy 10.19.48.1/32 === 0.0.0.0/0 in  (mark 0/0x00000000)
May 21 21:13:03 ubuntu-server charon: 02[KNL] adding policy 10.19.48.1/32 === 0.0.0.0/0 fwd  (mark 0/0x00000000)
May 21 21:13:03 ubuntu-server charon: 02[KNL] getting a local address in traffic selector 0.0.0.0/0
May 21 21:13:03 ubuntu-server charon: 02[KNL] using host %any
May 21 21:13:03 ubuntu-server charon: 02[KNL] using 172.31.1.1 as nexthop to reach <CLIENT.IP.HERE>/32
May 21 21:13:03 ubuntu-server charon: 02[KNL] <SERVER.IP.HERE> is on interface eth0
May 21 21:13:03 ubuntu-server charon: 02[KNL] installing route: 10.19.48.1/32 via 172.31.1.1 src %any dev eth0
May 21 21:13:03 ubuntu-server charon: 02[KNL] getting iface index for eth0
May 21 21:13:03 ubuntu-server charon: 06[NET] waiting for data on sockets
May 21 21:13:03 ubuntu-server charon: 02[KNL] policy 0.0.0.0/0 === 10.19.48.1/32 out  (mark 0/0x00000000) already exists, increasing refcount
May 21 21:13:03 ubuntu-server charon: 02[KNL] updating policy 0.0.0.0/0 === 10.19.48.1/32 out  (mark 0/0x00000000)
May 21 21:13:03 ubuntu-server charon: 02[KNL] policy 10.19.48.1/32 === 0.0.0.0/0 in  (mark 0/0x00000000) already exists, increasing refcount
May 21 21:13:03 ubuntu-server charon: 02[KNL] updating policy 10.19.48.1/32 === 0.0.0.0/0 in  (mark 0/0x00000000)
May 21 21:13:03 ubuntu-server charon: 02[KNL] policy 10.19.48.1/32 === 0.0.0.0/0 fwd  (mark 0/0x00000000) already exists, increasing refcount
May 21 21:13:03 ubuntu-server charon: 02[KNL] updating policy 10.19.48.1/32 === 0.0.0.0/0 fwd  (mark 0/0x00000000)
May 21 21:13:03 ubuntu-server charon: 02[KNL] getting a local address in traffic selector 0.0.0.0/0
May 21 21:13:03 ubuntu-server charon: 02[KNL] using host %any
May 21 21:13:03 ubuntu-server charon: 02[KNL] using 172.31.1.1 as nexthop to reach <CLIENT.IP.HERE>/32
May 21 21:13:03 ubuntu-server charon: 02[KNL] <SERVER.IP.HERE> is on interface eth0
May 21 21:13:03 ubuntu-server charon: 02[IKE] CHILD_SA ikev2-pubkey{3} established with SPIs c4f27f7b_i 02415495_o and TS 0.0.0.0/0 === 10.19.48.1/32
May 21 21:13:03 ubuntu-server charon: 02[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH CPRP(ADDR DNS) SA TSi TSr ]
May 21 21:13:03 ubuntu-server charon: 02[NET] sending packet: from <SERVER.IP.HERE>[4500] to <CLIENT.IP.HERE>[9542] (800 bytes)
May 21 21:13:03 ubuntu-server charon: 07[NET] sending packet: from <SERVER.IP.HERE>[4500] to <CLIENT.IP.HERE>[9542]
May 21 21:13:03 ubuntu-server charon: 02[MGR] checkin IKE_SA ikev2-pubkey[3]
May 21 21:13:03 ubuntu-server charon: 02[MGR] check-in of IKE_SA successful.
May 21 21:13:03 ubuntu-server charon: 06[NET] received packet: from <CLIENT.IP.HERE>[9542] to <SERVER.IP.HERE>[4500]
May 21 21:13:03 ubuntu-server charon: 12[MGR] checkout IKE_SA by message
May 21 21:13:03 ubuntu-server charon: 12[MGR] IKE_SA ikev2-pubkey[3] successfully checked out
May 21 21:13:03 ubuntu-server charon: 12[NET] received packet: from <CLIENT.IP.HERE>[9542] to <SERVER.IP.HERE>[4500] (272 bytes)
May 21 21:13:03 ubuntu-server charon: 12[ENC] parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
May 21 21:13:03 ubuntu-server charon: 12[IKE] received DELETE for IKE_SA ikev2-pubkey[3]
May 21 21:13:03 ubuntu-server charon: 12[IKE] deleting IKE_SA ikev2-pubkey[3] between <SERVER.IP.HERE>[<SERVER.IP.HERE>]...<CLIENT.IP.HERE>[CN=ealeks-rsa]
May 21 21:13:03 ubuntu-server charon: 12[IKE] IKE_SA ikev2-pubkey[3] state change: ESTABLISHED => DELETING
May 21 21:13:03 ubuntu-server charon: 12[IKE] IKE_SA deleted
May 21 21:13:03 ubuntu-server charon: 12[ENC] generating INFORMATIONAL response 2 [ ]
May 21 21:13:03 ubuntu-server charon: 12[NET] sending packet: from <SERVER.IP.HERE>[4500] to <CLIENT.IP.HERE>[9542] (96 bytes)
May 21 21:13:04 ubuntu-server charon: 12[MGR] checkin and destroy IKE_SA ikev2-pubkey[3]
May 21 21:13:04 ubuntu-server charon: 12[IKE] IKE_SA ikev2-pubkey[3] state change: DELETING => DESTROYING
May 21 21:13:04 ubuntu-server charon: 12[KNL] deleting policy 0.0.0.0/0 === 10.19.48.1/32 out  (mark 0/0x00000000)
May 21 21:13:04 ubuntu-server charon: 12[KNL] policy still used by another CHILD_SA, not removed
May 21 21:13:04 ubuntu-server charon: 12[KNL] updating policy 0.0.0.0/0 === 10.19.48.1/32 out  (mark 0/0x00000000)
May 21 21:13:04 ubuntu-server charon: 12[KNL] deleting policy 10.19.48.1/32 === 0.0.0.0/0 in  (mark 0/0x00000000)
May 21 21:13:04 ubuntu-server charon: 12[KNL] policy still used by another CHILD_SA, not removed
May 21 21:13:04 ubuntu-server charon: 12[KNL] updating policy 10.19.48.1/32 === 0.0.0.0/0 in  (mark 0/0x00000000)
May 21 21:13:04 ubuntu-server charon: 12[KNL] deleting policy 10.19.48.1/32 === 0.0.0.0/0 fwd  (mark 0/0x00000000)
May 21 21:13:04 ubuntu-server charon: 12[KNL] policy still used by another CHILD_SA, not removed
May 21 21:13:04 ubuntu-server charon: 12[KNL] updating policy 10.19.48.1/32 === 0.0.0.0/0 fwd  (mark 0/0x00000000)
May 21 21:13:04 ubuntu-server charon: 12[KNL] getting a local address in traffic selector 0.0.0.0/0
May 21 21:13:04 ubuntu-server charon: 12[KNL] using host %any
May 21 21:13:04 ubuntu-server charon: 12[KNL] using 172.31.1.1 as nexthop to reach <CLIENT.IP.HERE>/32
May 21 21:13:04 ubuntu-server charon: 12[KNL] <SERVER.IP.HERE> is on interface eth0
May 21 21:13:04 ubuntu-server charon: 12[KNL] deleting policy 0.0.0.0/0 === 10.19.48.1/32 out  (mark 0/0x00000000)
May 21 21:13:04 ubuntu-server charon: 12[KNL] deleting policy 10.19.48.1/32 === 0.0.0.0/0 in  (mark 0/0x00000000)
May 21 21:13:04 ubuntu-server charon: 12[KNL] deleting policy 10.19.48.1/32 === 0.0.0.0/0 fwd  (mark 0/0x00000000)
May 21 21:13:04 ubuntu-server charon: 12[KNL] getting iface index for eth0
May 21 21:13:04 ubuntu-server charon: 07[NET] sending packet: from <SERVER.IP.HERE>[4500] to <CLIENT.IP.HERE>[9542]
May 21 21:13:04 ubuntu-server charon: 12[KNL] deleting SAD entry with SPI c4f27f7b  (mark 0/0x00000000)
May 21 21:13:04 ubuntu-server charon: 12[KNL] deleted SAD entry with SPI c4f27f7b (mark 0/0x00000000)
May 21 21:13:04 ubuntu-server charon: 12[KNL] deleting SAD entry with SPI 02415495  (mark 0/0x00000000)
May 21 21:13:04 ubuntu-server charon: 12[KNL] deleted SAD entry with SPI 02415495 (mark 0/0x00000000)
May 21 21:13:04 ubuntu-server charon: 12[CFG] lease 10.19.48.1 by 'CN=ealeks-rsa' went offline
May 21 21:13:04 ubuntu-server charon: 12[MGR] check-in and destroy of IKE_SA successful
May 21 21:13:04 ubuntu-server charon: 06[NET] waiting for data on sockets

MikroTik setup:

/certificate print
Flags: K - private-key, D - dsa, L - crl, C - smart-card-key, A - authority, I - issued, R - revoked, E - expired, T - trusted 
 #          NAME                                          COMMON-NAME                                         SUBJECT-ALT-NAME                                                                      FINGERPRINT                                        
 0        T cacert.pem_0                                  <SERVER.IP.HERE>                                                                                                                       c1f0a24ea8ed87931792a29a4558ccfdef6be63e62fda27e...
 1 K      T ealeks-rsa.crt_0                              ealeks-rsa                                          DNS:ealeks-rsa                                                               7355371518f5c24b723cd66c1d95e663440512ae84427f6e...

/ip ipsec proposal print
Flags: X - disabled, * - default 
 0  * name="default" auth-algorithms=sha1 enc-algorithms=aes-256-cbc lifetime=1h pfs-group=modp1024 
 1    name="proposal1" auth-algorithms=sha512 enc-algorithms=aes-128-cbc lifetime=1h pfs-group=ecp256

/ip ipsec policy print 
Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default 
 0 T * group=default src-address=0.0.0.0/0 dst-address=0.0.0.0/0 protocol=all proposal=proposal1 template=yes
  
/ip ipsec peer add address=<SERVER.IP.HERE> auth-method=rsa-signature certificate=ealeks-rsa.crt_0 exchange-mode=ike2 enc-algorithm=aes-128 hash-algorithm=sha512 dh-group=ecp256 mode-config=request-only generate-policy=port-strict

Another question is: why can’t strongSwan see ecp256 in the proposal for Phase 2? It works in Phase 1 and is set up in both the peer (for Phase 1) and the proposal (for Phase 2).

May 21 21:13:03 ubuntu-server charon: 09[CFG] received proposals: IKE:AES_CBC_128/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/ECP_256
May 21 21:13:03 ubuntu-server charon: 02[CFG] received proposals: ESP:AES_CBC_128/HMAC_SHA2_512_256/NO_EXT_SEQ

/ip ipsec proposal print
Flags: X - disabled, * - default 
 0  * name="default" auth-algorithms=sha1 enc-algorithms=aes-256-cbc lifetime=1h pfs-group=modp1024 
 1    name="proposal1" auth-algorithms=sha512 enc-algorithms=aes-128-cbc lifetime=1h pfs-group=ecp256
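The server-side log in the post shows both ends authenticating successfully and the IKE_SA reaching ESTABLISHED, after which the router deletes it with an INFORMATIONAL N(AUTH_FAILED) right after the server's IKE_AUTH response. The number in the router's "peer wants unsupported auth method: 9" message is the IKEv2 Authentication Method identifier from the IANA registry (RFC 7296, RFC 4754, RFC 7427 values), where 9 is ECDSA with SHA-256 on the P-256 curve; that is the method the strongSwan log shows the server using for its own AUTH payload ("with ECDSA-256 signature successful"), while the client side used an RSA signature. The Python script below is an added example and not code from the original post, from strongSwan or from MikroTik: it walks a constructed excerpt of the posted charon log, records which method each side authenticated with, decodes the IANA identifier, checks whether AUTH_FAILED arrived after the server's IKE_AUTH response, and also flags that the selected ESP proposal carries no DH group, which is what the second question is about. The function names (parse_charon, diagnose, has_dh_group) and the log excerpt are assumptions of this example.

```python
"""Decode the IKEv2 failure pattern from strongSwan charon log lines.

Added example, not code from the original post, strongSwan or MikroTik.
The AUTH_METHODS table is the IANA IKEv2 Authentication Method registry
(RFC 7296 / RFC 4754 / RFC 7427 values); SAMPLE_LOG is a constructed
excerpt mirroring the lines of the posted log that matter here.
"""
import re

# IANA IKEv2 Authentication Method identifiers (the N in the router's
# "peer wants unsupported auth method: N").
AUTH_METHODS = {
    1: "RSA Digital Signature",
    2: "Shared Key Message Integrity Code",
    3: "DSS Digital Signature",
    9: "ECDSA with SHA-256 on the P-256 curve",
    10: "ECDSA with SHA-384 on the P-384 curve",
    11: "ECDSA with SHA-512 on the P-521 curve",
    14: "Digital Signature",
}

# How charon names those methods in "authentication of ... with X successful".
CHARON_TO_IANA = {
    "RSA signature": 1,
    "ECDSA-256 signature": 9,
    "ECDSA-384 signature": 10,
    "ECDSA-521 signature": 11,
}

# Constructed excerpt of the posted log (same wording, fewer lines).
SAMPLE_LOG = """\
May 21 21:13:03 ubuntu-server charon: 09[CFG] selected proposal: IKE:AES_CBC_128/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/ECP_256
May 21 21:13:03 ubuntu-server charon: 02[ENC] parsed IKE_AUTH request 1 [ IDi AUTH CERT CERTREQ N(INIT_CONTACT) SA TSi TSr CPRQ(ADDR MASK SUBNET DNS) ]
May 21 21:13:03 ubuntu-server charon: 02[IKE] authentication of 'CN=ealeks-rsa' with RSA signature successful
May 21 21:13:03 ubuntu-server charon: 02[IKE] authentication of '<SERVER.IP.HERE>' (myself) with ECDSA-256 signature successful
May 21 21:13:03 ubuntu-server charon: 02[IKE] IKE_SA ikev2-pubkey[3] state change: CONNECTING => ESTABLISHED
May 21 21:13:03 ubuntu-server charon: 02[CFG] received proposals: ESP:AES_CBC_128/HMAC_SHA2_512_256/NO_EXT_SEQ
May 21 21:13:03 ubuntu-server charon: 02[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA2_512_256/NO_EXT_SEQ
May 21 21:13:03 ubuntu-server charon: 02[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH CPRP(ADDR DNS) SA TSi TSr ]
May 21 21:13:03 ubuntu-server charon: 12[ENC] parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
May 21 21:13:03 ubuntu-server charon: 12[IKE] received DELETE for IKE_SA ikev2-pubkey[3]
"""

AUTH_RE = re.compile(r"authentication of '([^']+)'( \(myself\))? with (.+?) successful")
PROPOSAL_RE = re.compile(r"selected proposal: (IKE|ESP):(\S+)")
MSG_RE = re.compile(r"\[ENC\] (parsed|generating) (\S+) (request|response) \d+ \[ (.*) \]")


def auth_method_name(number):
    """Return the IANA registry name for an IKEv2 authentication method id."""
    return AUTH_METHODS.get(number, "unassigned/unknown (%r)" % (number,))


def parse_charon(text):
    """Walk charon log lines in order and collect the facts the diagnosis needs."""
    facts = {"peer_auth": None, "my_auth": None, "proposals": {},
             "established": False, "auth_failed_after_response": False}
    sent_ike_auth_response = False
    for line in text.splitlines():
        m = AUTH_RE.search(line)
        if m:
            ident, myself, method = m.group(1), bool(m.group(2)), m.group(3)
            facts["my_auth" if myself else "peer_auth"] = {
                "id": ident, "method": method, "iana": CHARON_TO_IANA.get(method)}
            continue
        m = PROPOSAL_RE.search(line)
        if m:
            facts["proposals"][m.group(1)] = m.group(2).split("/")
            continue
        if "state change: CONNECTING => ESTABLISHED" in line:
            facts["established"] = True
            continue
        m = MSG_RE.search(line)
        if m:
            direction, exchange, kind, payloads = m.groups()
            if direction == "generating" and exchange == "IKE_AUTH" and kind == "response":
                sent_ike_auth_response = True
            elif (direction == "parsed" and exchange == "INFORMATIONAL"
                  and "N(AUTH_FAILED)" in payloads and sent_ike_auth_response):
                facts["auth_failed_after_response"] = True
    return facts


def has_dh_group(transforms):
    """True if the proposal carries a Diffie-Hellman group (PFS) transform."""
    return any(t.startswith(("ECP_", "MODP_", "CURVE_")) for t in transforms)


def diagnose(facts):
    """Turn the collected facts into a short list of findings."""
    findings = []
    if facts["established"] and facts["auth_failed_after_response"] and facts["my_auth"]:
        mine = facts["my_auth"]
        findings.append(
            "peer reached ESTABLISHED, then sent AUTH_FAILED after our IKE_AUTH response; "
            "our own AUTH used %s (IANA method %s = %s)"
            % (mine["method"], mine["iana"], auth_method_name(mine["iana"])))
    esp = facts["proposals"].get("ESP")
    if esp is not None and not has_dh_group(esp):
        findings.append("selected ESP proposal carries no DH group: %s" % "/".join(esp))
    return findings


if __name__ == "__main__":
    for finding in diagnose(parse_charon(SAMPLE_LOG)):
        print("-", finding)
```

The script only decodes what the logs say; whether the router side accepts method 9 is for the router to answer. Pointing it at a full charon log works the same way, since the regular expressions key on the stable charon phrases "authentication of ... successful", "selected proposal:" and the [ENC] parsed/generating lines.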