StrongSwan

Revision as of 23:37, 11 July 2018 by Sam (talk | contribs) (Spell check)

strongSwan is a VPN server that allows a connection over the insecure internet to a secure private network. The connection is encrypted and authenticated for confidentiality and to prevent tampering of the data. It allows the following:

  • Secure internet browsing over an insecure, open Wi-Fi connection.
  • Allows full access to your internal network securely over the insecure internet.

We will be setting up the connection to allow a connection from this server to a Windows 10 1803 (Spring Creators Update) client. Windows 10 1803 supports the Internet Key Exchange v2 (IKEv2), which is a modern VPN protocol and has some provisions for working over the internet, such as MOBIKE. This helps in situations where the internet connection maybe poor and has to reconnect. Windows 10 1803 supports the use of the following modern ciphers:

  • Certificate authentication.
  • ECDSA certificates (256 and 384-bit keys).
  • ESP supports AES-GCM 128 & 256-bit for both encryption and authentication.

We will be configuring our connection to use ECDSA 384-bit certificates and AES256-GCM encryption/authentication, currently the strongest supported settings.

Note that Windows initially uses VERY weak encryption and authentication schemes by default (from the Windows 2000 days) so it is very important to set up the connection correctly and not use the default Windows settings.

strongSwan 5.6.0 in openSUSE Leap 15.0 were used as the basis for this guide.

Commands under Windows with the icon may need administrator credentials to complete them.

What is needed

Make sure the following packages is installed:

  • strongswan
  • openssl

Allow any dependencies the packages asks for.

IKEv2 requires port 500 and 4500 to be port forwarded/opened in the firewall.

Creating the certificates

IKEv2 can use a Username/Pre-shared Key (PSK) for authentication. This is a very weak method of authenticating and is easily brute-forced. Certificates, especially when created correctly, are the strongest possible way to authenticate.

We will be creating modern, elliptic curve certificates. These use very short keys (384-bits) compared to RSA keys (4096-bits) but provide the same amount of security.

Initial setup

  1. As most of this work will require root privileges, open a Terminal and elevate to root by typing su. Type the root user password.
  2. Move to the correct path. If strongSwan is installed correctly, you should be able to type cd /etc/ipsec.d. This is strongSwan's PKI directory.

Creating a self-signed certificate authority (CA)

To sign out certificates we will be creating, we first need to create a CA certificate.

  1. Make sure you are in the correct directory above.
  2. Generate a private key for the CA:
    ipsec pki --gen --type ecdsa --size 384 --outform pem > private/CAkey.pem
  3. Change the permissions of the private key, so that only root can access it:
    chmod 600 private/CAkey.pem
  4. Now we have the private key, generate the CA certificate:
    ipsec pki --self --ca --lifetime 3650 --in private/CAkey.pem --type ecdsa --dn "C=GB, O=strongSwan, CN=strongSwan Root CA" --outform pem > cacerts/CAcert.pem

You now have a self-signed CA certificate, ready to sign any certificates to be used by the VPN server.

IMPORTANT: The private key, created in the private folder must NEVER be disclosed. If anybody were to obtain access to this key, they would be able to create any certificate they like, impersonate you and connect to the server. As this is the CA certificate, a compromise would require a whole new CA key, certificate and any certificates signed by the old, compromised CA. KEEP THIS SAFE.

Creating a certificate for the server

  1. Make sure you are still in the correct directory.
  2. Generate a private key for the certificate:
    ipsec pki --gen --type ecdsa --size 384 --outform pem > private/serverkey.pem
  3. Change the permissions of the private key, so that only root can access it:
    chmod 600 private/serverkey.pem
  4. Now we have the private key, generate the server certificate:
    ipsec pki --pub --in private/serverkey.pem --type ecdsa | ipsec pki --issue --lifetime 365 --cacert cacerts/CAcert.pem --cakey private/CAkey.pem --dn "C=GB, O=strongSwan, CN=thinkserver.freddythechick.uk" --san thinkserver.freddythechick.uk --flag serverAuth --outform pem > certs/servercert.pem

The certificate created will be used to authenticate the VPN server. Only one needs creating.

IMPORTANT NOTES

When customising to fit your server, certain parts of the certificate generation must be done correctly for Windows to allow the certificate to be used. If not done correctly, Windows will refuse to connect. It is advisable to make sure these are correct in the first place to avoid errors further down the line and painstaking troubleshooting.

  • The Common Name (CN) part of the Distinguishable Name (DN) MUST be the DNS resolvable name you will be using to connect to the VPN server from Windows.
  • The SAN MUST also be the DNS resolvable name you will be using to connect to the VPN server from Windows. It MUST also match the CN from the DN.
  • It MUST contain the serverAuth flag.

Creating a certificate for clients

Each client that needs to connect to the server requires a certificate to be generated for it.

  1. Make sure you are still in the correct directory.
  2. Generate a private key for the certificate:
    ipsec pki --gen --type ecdsa --size 384 --outform pem > private/client1key.pem
  3. Change the permissions of the private key, so that only root can access it:
    chmod 600 private/client1key.pem
  4. Now we have the private key, generate the server certificate:
    ipsec pki --pub --in private/client1key.pem --type ecdsa | ipsec pki --issue --lifetime 365 --cacert cacerts/CAcert.pem --cakey private/CAkey.pem --dn "C=GB, O=strongSwan, CN=username@freddythechick.uk" --san username@freddythechick.uk --outform pem > certs/client1cert.pem

The CN in the DN this time is a username@the root DNS address. The CN can actually be anything in this instance. No flags are required.

Packaging the required certificates and keys for Windows

All the keys and certificates required for the connection can be packaged into a PKCS#12 package, to allow easy installation on Windows.

  1. Make sure you are still in the correct directory.
  2. Use OpenSSL to create the PKCS#12 package:
    openssl pkcs12 -export -inkey private/client1key.pem -in certs/client1cert.pem -name "Windows Client 1 VPN Certificate" -certfile cacerts/CAcert.pem -caname "strongSwan Root CA" -out client1.p12
  3. Type a password you will remember when asked. This will protect the private key while it is in transit.
  4. Retype the password you just typed.

The name field gives the certificate a friendly name when installed in Windows and can be anything. The p12 file needs to be copied locally to the Windows machine that the certificates and keys need installing on.

Configuring strongSwan

Configuration is carried out in /etc/ipsec.conf and /etc/ipsec.secrets. These basic code snippets will be enough to get the VPN tunnel working, but can be tweaked and configured to your requirements.

/etc/ipsec.conf

conn windows
     leftcert=servercert.pem
     leftsubnet=0.0.0.0/0
     esp=aes256gcm16!
     rightsourceip=10.126.127.0/24
     keyechange=ikev2
     auto=add
  • In this instance, left is the server and right are the hosts.
  • leftsubnet=0.0.0.0/0 forwards everything over the tunnel. If you want to narrow this to only your network and not everything (including the internet), this can be narrowed. For example, leftsubnet=192.168.0.0/24.

/etc/ipsec.secrets

This file points to the private key of the server.

%any : ECDSA serverkey.pem

Configuring Windows

This part is arguably the more trickier part of the procedure. The Windows "Agile VPN" client has particular ways it must be configured or the VPN connection will fail. Error messages emitted when the connection fails are generally unhelpful and need manual troubleshooting to find the problem. If followed correctly, these procedures will allow you to connect successfully first time.

Installing the certificates

Before we can install the certificate, the .p12 file we generated earlier must be copied locally to the computer it will be installed on. They don't seem to install properly when you try installing from a network share.

Remember that each client must have its own certificate generated. Certificates should not be reused for other machines.

  • Double-click on the .p12 certificate file.
  • On the first "Welcome to the Certificate Import Wizard" page, change the "Store Location" from Current User to Local Machine.
  •   Click Next.
  • The file name provided should be OK. Click Next.
  • In the password box, type the password you provided to generate the file earlier. Make sure the "Include all extended properties." check box is ticked.
  • If you would like to be able to backup the certificate later, you may want to check the "Mark this key as exportable. This will allow you to back up or transport your keys at a later time." check box. Bearing in mind, if you have the certificates and keys on the server, these can be exported at a later time if needed. If this text box is not ticked, your private key is kept secure if, for example, your computer was stolen.
  • Click Next.
  • The radio box should be in "Automatically select the certificate store based on the type of certificate" box. This is OK.
  • Click Next.
  • On the "Completing the Certificate Import Wizard" page, click Finish. You should get a prompt saying the import was successful. This will complete the import.

For the certificates to be found by the VPN client, they must be installed in the Computer store, not the User store. Hence, make sure the "Store Location" is changed from Current User to Local Machine.

Making the VPN profile

Windows 10 has two ways of making a new VPN profile, via the Control Panel or via the Settings App. We will be using the Control Panel method as this allows more control of the profile.

  • Open the Control Panel. Change to the Large Icon view if needed.
  • Click Network and Sharing Centre.
  • Under your active networks section, in the "Change your network settings" section, click "Set up a new connection or network".
  • Under "Choose a connection option", click "Connect to a workplace". Then click Next.
  • Under "How do you want to connect?", click "Use my Internet connection (VPN)".
  • In the Internet address box, type your DNS name to your VPN server.
  • In the Destination name box, give your profile a name of your choosing.
  •   Make sure the "Allow other people to use this connection" tick box is checked.
  • Click Create. Your new profile will then be created.

You MUST use the same DNS name as you specified earlier on the certificate under CN in the DN and the SAN.

You MUST click the "Allow other people to use this connection" tick box so that it becomes a system wide connection and it can use the Machine Certificates.

We must now set the connection to use IKEv2.

  • In the previous Network and Sharing Centre window, click Change adapter settings, down the left hand side.
  • There will be a new connection created here with the name you gave it earlier.   Right click on the connection and click Properties.
  • Click on the Security tab.
  • Under the "Type of VPN" drop-down menu, change the type to IKEv2. The options under "Authentication" should change. Click and select the Use machine certificates radio button. Then click OK.

The connection is now ready.

Configuring strong encryption/ECDSA for the VPN connection

Windows PowerShell is used to change the encryption settings for the VPN connection.

  • In the Start menu, type "powershell".   Click "Windows PowerShell" when it appears. It may take a few moments for the prompt to be appear and become ready to use.
  • The following code snippet needs to be typed in to change the encryption settings for the VPN settings
Set-VpnConnectionIPsecConfiguration -ConnectionName "VPN Connection" -AuthenticationTransformConstant

s GCMAES256 -CipherTransformConstants GCMAES256 -EncryptionMethod GCMAES256 -IntegrityCheckMethod SHA384 -DHGroup ECP384

-PfsGroup none -PassThru -AllUserConnection
  • Press the ↵ Enter key.
  • Type Y to confirm the settings and press the ↵ Enter key.
  • The following will be returned by PowerShell:
AuthenticationTransformConstants : GCMAES256
CipherTransformConstants         : GCMAES256
DHGroup                          : ECP384
IntegrityCheckMethod             : SHA384
PfsGroup                         : None
EncryptionMethod                 : GCMAES256
  • The connection should now be ready to use!

Miscellaneous Settings

There is a Windows registry key that may need to be enabled to allow the use of stronger encryption settings. It is not clear at this stage if these settings are required, but the instructions are left here in case they are needed.

  • Press ⊞ Win+R to open the Run box.
  •   Type regedit and click OK.
  • Navigate to the following registry path:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Rasman\Parameters\
  • Right-click in the right pane, hover over New and click DWORD (32-bit) Value.
  • Give the new key the name NegotiateDH2048_AES256.
  • Double-click the key to open the key. In the value box, change the 0 to a 2. Click OK.
  • Close the Registry Editor
  • Restart the machine.