I am trying to configure a strongSwan IPsec VPN with RADIUS authentication. The actual EAP-MSCHAPv2 authentication to FreeRadius with OpenLDAP for username/passwords is successful, but then I am stuck with the following error message:

Jul 15 21:31:04 odroidc4 charon-systemd[814594]: authentication of '100.80.129.171' with EAP successful
Jul 15 21:31:04 odroidc4 charon-systemd[814594]: constraint check failed: peer not authenticated by CA 'C=DE, O=ahpohl, CN=ahpohl Root CA'
Jul 15 21:31:04 odroidc4 charon-systemd[814594]: selected peer config 'eap-radius' unacceptable: non-matching authentication done
Jul 15 21:31:04 odroidc4 charon-systemd[814594]: no alternative config found

Searching for the constraint check failure message did not give any conclusive results. I tried Windows 10 Pro and iPhone iOS 15.5 clients; both fail with the same constraint check.

How do I make the check pass or alternatively disable the check? Who is meant by 'peer', the client or the RADIUS server?

I use the following swanctl.conf:

connections {
  eap-radius {
    pools = ipv4, ipv6
    send_cert = always
    local {
      auth = pubkey
      certs = vpnCert.pem
      id = vpn.ahpohl.com
    }
    remote {
      auth = eap-radius
      cacerts = ahpohlCert.pem
      eap_id = %any
    }
    children {
      eap-radius {
        local_ts = 0.0.0.0/0, ::/0
        esp_proposals = aes256-sha256-sha1-modp2048
      }
      version = 2
      proposals = aes256-sha256-modp2048
    }
  }
}

pools {
  ipv4 {
    addrs = 10.10.1.64/26
    dns = 192.168.178.1
  }
  ipv6 {
    addrs = 2a02:168:4407:1::/122
    dns = fd00::ca0e:14ff:fe0c:e6a5
  }
}

The CA and the server certificate were created using the strongSwan pki tool:

# create CA
pki --gen --type rsa --size 3072 --outform pem > private/ahpohlKey.pem
pki --self --ca --lifetime 3652 --in private/ahpohlKey.pem --dn "C=DE, O=ahpohl, CN=ahpohl Root CA" --outform pem > x509ca/ahpohlCert.pem

# create server certificate:
pki --gen --type rsa --size 3072 --outform pem > private/vpnKey.pem
pki --req --type priv --in private/vpnKey.pem --dn "C=DE, O=ahpohl, CN=vpn.ahpohl.com" --san vpn.ahpohl.com --outform pem > vpnReq.pem
pki --issue --cacert x509ca/ahpohlCert.pem --cakey private/ahpohlKey.pem --type pkcs10 --in vpnReq.pem --serial 01 --lifetime 1826 --flag serverAuth --flag ikeIntermediate --crl https://www.ahpohl.com/crl/ahpohl.crl --outform pem > x509/vpnCert.pem

I followed the howtos on the strongSwan wiki for strongSwan configuration, cert creation and certificate interoperability recommendations. The full connection logs of the strongSwan VPN gateway and the FreeRadius radiusd -X debug output are a bit long to be put here, but available if necessary.

1 Answer

Do not specify remote { cacerts= }. This option implies that the VPN client should send its own 'user' or 'machine' certificate for IKE authentication, which contradicts your goal of using only EAP to authenticate clients. Since your clients don't send certificates, only passwords, they will never match this connection.

You should even add send_certreq=no to make strongSwan not request a certificate, since it won't be validated anyway (which might considerably speed up the handshake by not having the server send a huge list of acceptable CAs, which it otherwise does by default).

(It's not impossible to use both certificates and MSCHAP, but... if you had client certificates, you could just use them for authentication in the first place, without bothering with RADIUS or MSCHAP at all.)

Note that version and proposals (and send_certreq) should be specified at connection level, not inside children{}, since they're "global" IKE parameters. (The examples in the strongSwan wiki appear to be wrong.)

connections {
    vpn {
        version = 2
        local { ... }
        send_cert = always
        remote { ... }
        send_certreq = no
        proposals = aes256-sha256-modp2048
        children {
            vpn { ... }
        }
        pools = ipv4, ipv6
    }
}
  • Thank you for your quick response. Removing cacerts= from the remote = { ... } section solved the issue.
    – apohl
    Commented Jul 16, 2022 at 11:08
  • What wrong examples on the wiki are you referring to?
    – ecdsa
    Commented Jul 18, 2022 at 8:07
  • @ecdsa: All three under "Interop > Windows", e.g. docs.strongswan.org/docs/5.9/interop/…, which is probably where OP copied their config from. (I've mixed up the docs website and the old redmine wiki site.)
    Commented Jul 18, 2022 at 8:25
  • Thanks. Looks like these were copied from the regression test scenarios (which strangely often have settings after the children section) but a closing brace went missing. I've simplified and fixed the configs (the explicit proposals weren't ideal as they restrict algorithms for clients that would support stronger ones).
    – ecdsa
    Commented Jul 22, 2022 at 8:01
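The three configuration points raised in the answer (a cacerts= under an EAP-authenticated remote, send_certreq left at its default, and IKE-level settings nested inside children{}) are easy to miss by eye in a swanctl.conf, so here is a small linter for them. This is an added example, not code from the question, the answer or the strongSwan project; the parser covers only the `key = value` / `section { }` subset of the swanctl.conf syntax that appears on this page (no `include` statements, no `{ ... }` on one line), and the two embedded configs are a trimmed copy of the question's connection plus a constructed corrected version of it.

```python
"""Lint a swanctl.conf text for the pitfalls discussed in the answer (added example)."""
import re
from typing import Any

SECTION_OPEN = re.compile(r"^\s*([A-Za-z0-9_.-]+)\s*\{\s*$")
SECTION_CLOSE = re.compile(r"^\s*\}\s*$")
SETTING = re.compile(r"^\s*([A-Za-z0-9_.-]+)\s*=\s*(.*?)\s*$")

# IKE-level keys that belong directly under connections.<name>, never under children{}
IKE_LEVEL_KEYS = {"version", "proposals", "send_certreq", "send_cert", "pools"}


def parse_swanctl(text: str) -> dict:
    """Parse the 'key = value' / 'section {' / '}' subset into nested dicts."""
    root: dict[str, Any] = {}
    stack: list[dict] = [root]
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].rstrip()  # strip trailing comments
        if not line.strip():
            continue
        if SECTION_CLOSE.match(line):
            if len(stack) == 1:
                raise ValueError(f"line {lineno}: unmatched '}}'")
            stack.pop()
            continue
        m = SECTION_OPEN.match(line)
        if m:
            stack.append(stack[-1].setdefault(m.group(1), {}))
            continue
        m = SETTING.match(line)
        if m:
            stack[-1][m.group(1)] = m.group(2)
            continue
        raise ValueError(f"line {lineno}: cannot parse {raw!r}")
    if len(stack) != 1:
        raise ValueError("unclosed section at end of file")
    return root


def lint_connections(conf: dict) -> list[str]:
    """Return one human-readable finding per pitfall found in connections{}."""
    findings: list[str] = []
    for name, conn in conf.get("connections", {}).items():
        if not isinstance(conn, dict):
            continue
        eap_remote = False
        for sub, body in conn.items():
            # remote, remote-1, remote-2 ... all describe peer authentication rounds
            if sub.startswith("remote") and isinstance(body, dict):
                auth = body.get("auth", "pubkey")  # swanctl default is pubkey
                if auth.startswith("eap"):
                    eap_remote = True
                    if "cacerts" in body:
                        findings.append(
                            f"{name}/{sub}: cacerts= with auth={auth} requires a "
                            "peer certificate, so EAP-only clients never match")
        children = conn.get("children", {})
        if isinstance(children, dict):
            for key in sorted(IKE_LEVEL_KEYS.intersection(children)):
                findings.append(f"{name}/children: '{key}' belongs at connection level")
        if eap_remote and conn.get("send_certreq", "yes") != "no":  # default is yes
            findings.append(f"{name}: set send_certreq = no, the request is never validated")
    return findings


# Trimmed copy of the question's connection (pools section omitted, pitfalls kept).
QUESTION_CONF = """
connections {
  eap-radius {
    pools = ipv4, ipv6
    send_cert = always
    local {
      auth = pubkey
      certs = vpnCert.pem
      id = vpn.ahpohl.com
    }
    remote {
      auth = eap-radius
      cacerts = ahpohlCert.pem
      eap_id = %any
    }
    children {
      eap-radius {
        local_ts = 0.0.0.0/0, ::/0
        esp_proposals = aes256-sha256-sha1-modp2048
      }
      version = 2
      proposals = aes256-sha256-modp2048
    }
  }
}
"""

# Constructed corrected version following the answer: no cacerts, send_certreq off,
# version/proposals moved up to the connection level.
FIXED_CONF = """
connections {
  eap-radius {
    version = 2
    proposals = aes256-sha256-modp2048
    pools = ipv4, ipv6
    send_cert = always
    send_certreq = no
    local {
      auth = pubkey
      certs = vpnCert.pem
      id = vpn.ahpohl.com
    }
    remote {
      auth = eap-radius
      eap_id = %any
    }
    children {
      eap-radius {
        local_ts = 0.0.0.0/0, ::/0
        esp_proposals = aes256-sha256-sha1-modp2048
      }
    }
  }
}
"""

if __name__ == "__main__":
    for label, text in (("question", QUESTION_CONF), ("fixed", FIXED_CONF)):
        print(f"== {label} ==")
        for finding in lint_connections(parse_swanctl(text)) or ["no findings"]:
            print(" ", finding)
```

Run against the question's config the linter reports the cacerts= line, the two misplaced keys under children{} and the missing send_certreq = no; against the corrected config it reports nothing. The `auth.startswith("eap")` test is deliberately broad so that eap-mschapv2, eap-tls and eap-radius are all treated as password/EAP rounds where a cacerts= constraint makes no sense; a config that intentionally combines certificates and EAP in separate remote-N rounds would still be flagged and needs a human look.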
