Thank you both very much for your quick answers. I'll certainly report this to Fortinet, as I already have a ticket open with them. And if you think it could be of any help, I can report back when they fix the bug. Just to confirm: by disabling PFS on the Fortigate, everything works.
Thank you,
Alexis

-----Original Message-----
From: Martin Willi [mailto:mar...@strongswan.org]
Sent: December-13-10 12:52 AM
To: Alexis Salinas
Cc: users@lists.strongswan.org
Subject: Re: [strongSwan] IKEv2 PFS disabled

Hi Alexis,

> esp=aes128-md5-modp1536!
> pfs=yes

The pfs keyword is not used for IKEv2 connections. If the esp proposal contains a DH group, a DH exchange is done for CREATE_CHILD_SA exchanges.

> ike 0:omg-p1:64:omg-p2:962: incoming proposal:
> ike 0:omg-p1:64:omg-p2:962: proposal id = 1:
> ike 0:omg-p1:64:omg-p2:962: protocol = ESP:
> ike 0:omg-p1:64:omg-p2:962: encapsulation = TUNNEL
> ike 0:omg-p1:64:omg-p2:962: type=ENCR, val=AES_CBC (key_len = 128)
> ike 0:omg-p1:64:omg-p2:962: type=INTEGR, val=MD5
> ike 0:omg-p1:64:omg-p2:962: PFS is disabled
> ike 0:omg-p1:64:omg-p2:962: my proposal:
> ike 0:omg-p1:64:omg-p2:962: proposal id = 1:
> ike 0:omg-p1:64:omg-p2:962: protocol = ESP:
> ike 0:omg-p1:64:omg-p2:962: encapsulation = TUNNEL
> ike 0:omg-p1:64:omg-p2:962: type=ENCR, val=AES_CBC (key_len = 128)
> ike 0:omg-p1:64:omg-p2:962: type=INTEGR, val=MD5
> ike 0:omg-p1:64:omg-p2:962: type=DH_GROUP, val=1536
> ike 0:omg-p1:64:omg-p2:962: lifetime=1800
> ike 0:omg-p1:64:omg-p2:962: no proposal chosen

Fortigate expects a DH group in the piggy-backed CHILD_SA creation in IKE_AUTH. This seems wrong to me. As we have done a DH exchange in IKE_SA_INIT, it does not make much sense to repeat one in IKE_AUTH. End of section 1.2 RFC5996 says:

> Note that IKE_AUTH messages do not contain KEi/KEr or Ni/Nr payloads.
> Thus, the SA payloads in the IKE_AUTH exchange cannot contain
> Transform Type 4 (Diffie-Hellman group) with any value other than
> NONE. Implementations SHOULD omit the whole transform substructure
> instead of sending value NONE.

You probably should report this bug to Fortigate and/or try it without PFS enabled.
Regards
Martin

_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
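The exchange Martin describes, as an added example that is not part of the thread and is not strongSwan or FortiGate code: it encodes and parses IKEv2 SA payload proposal and transform substructures (RFC 5996 section 3.3), implements the section 1.2 rule that an IKE_AUTH proposal may not carry a Diffie-Hellman transform other than NONE, and models the responder's proposal selection closely enough to reproduce the "no proposal chosen" outcome from the log. The two sample proposals are constructed to match the log (AES-128/MD5 with and without MODP-1536), the SPI bytes are made up, and `select_proposal` is a simplified version of the RFC 5996 section 2.7 matching rule (first acceptable proposal, one transform per type), not either vendor's implementation.

```python
"""Added example: IKEv2 SA payload proposals (RFC 5996 section 3.3) with the
section 1.2 check that IKE_AUTH proposals carry no Diffie-Hellman transform,
plus a simplified responder-side proposal selection to reproduce the
"no proposal chosen" outcome from the log. Not strongSwan or FortiGate code."""
import struct

# Transform types (RFC 5996 section 3.3.2)
ENCR, PRF, INTEG, DH, ESN = 1, 2, 3, 4, 5
# Transform IDs used below (RFC 5996 section 3.3.2 tables)
ENCR_AES_CBC = 12
AUTH_HMAC_MD5_96 = 1
DH_NONE, MODP_1536 = 0, 5
ATTR_KEY_LENGTH = 14        # TV-format attribute (AF bit set)
PROTO_ESP = 3


def encode_transform(ttype, tid, last, key_len=None):
    """Transform substructure: 0/3 (last/more), reserved, length, type, reserved, ID, attrs."""
    attrs = b""
    if key_len is not None:
        attrs = struct.pack("!HH", 0x8000 | ATTR_KEY_LENGTH, key_len)
    return struct.pack("!BBHBBH", 0 if last else 3, 0, 8 + len(attrs), ttype, 0, tid) + attrs


def encode_proposal(num, proto, transforms, spi=b"", last=True):
    """Proposal substructure: 0/2 (last/more), reserved, length, num, proto, SPI size, #transforms."""
    body = b"".join(encode_transform(t, i, idx == len(transforms) - 1, k)
                    for idx, (t, i, k) in enumerate(transforms))
    hdr = struct.pack("!BBHBBBB", 0 if last else 2, 0, 8 + len(spi) + len(body),
                      num, proto, len(spi), len(transforms))
    return hdr + spi + body


def parse_proposals(data):
    """Parse a chain of proposal substructures into dicts; transforms are (type, id, key_len)."""
    proposals, off = [], 0
    while off < len(data):
        more, _, plen, num, proto, spi_size, ntrans = struct.unpack_from("!BBHBBBB", data, off)
        toff = off + 8 + spi_size
        transforms = []
        for _ in range(ntrans):
            _, _, tlen, ttype, _, tid = struct.unpack_from("!BBHBBH", data, toff)
            attrs, key_len, aoff = data[toff + 8:toff + tlen], None, 0
            while aoff < len(attrs):
                atype, aval = struct.unpack_from("!HH", attrs, aoff)
                if atype & 0x8000:                      # TV format: value is 2 bytes
                    if (atype & 0x7FFF) == ATTR_KEY_LENGTH:
                        key_len = aval
                    aoff += 4
                else:                                   # TLV format: aval is the length
                    aoff += 4 + aval
            transforms.append((ttype, tid, key_len))
            toff += tlen
        proposals.append({"num": num, "proto": proto,
                          "spi": data[off + 8:off + 8 + spi_size], "transforms": transforms})
        off += plen
        if more == 0:
            break
    return proposals


def ike_auth_violations(proposals):
    """RFC 5996 section 1.2: an IKE_AUTH SA payload may not carry Transform Type 4
    (D-H group) with any value other than NONE. Returns [(proposal num, DH id), ...]."""
    return [(p["num"], tid) for p in proposals
            for ttype, tid, _ in p["transforms"] if ttype == DH and tid != DH_NONE]


def select_proposal(offered, acceptable, required_types):
    """Simplified responder choice (after RFC 5996 section 2.7): take the first offered
    proposal that contains every transform type the responder requires and, for each
    type it contains, at least one transform in the responder's `acceptable` set.
    Returns (proposal num, {type: (id, key_len)}) or None ("no proposal chosen")."""
    for p in offered:
        chosen = {}
        for ttype, tid, klen in p["transforms"]:
            if (ttype, tid, klen) in acceptable and ttype not in chosen:
                chosen[ttype] = (tid, klen)
        present = {t for t, _, _ in p["transforms"]}
        if required_types <= present and present == set(chosen):
            return p["num"], chosen
    return None


# Constructed sample proposals modelled on the two in the log above (not captured bytes).
SPI = b"\x11\x22\x33\x44"
AES128_MD5 = [(ENCR, ENCR_AES_CBC, 128), (INTEG, AUTH_HMAC_MD5_96, None)]
STRONGSWAN_IKE_AUTH = encode_proposal(1, PROTO_ESP, AES128_MD5, SPI)            # no DH: conformant
STRONGSWAN_CREATE_CHILD = encode_proposal(1, PROTO_ESP, AES128_MD5 + [(DH, MODP_1536, None)], SPI)
FORTIGATE_STYLE_IKE_AUTH = STRONGSWAN_CREATE_CHILD                              # DH in IKE_AUTH: violates 1.2
# What the "my proposal" side in the log accepts: AES-128, MD5, MODP-1536.
FORTIGATE_ACCEPTS = {(ENCR, ENCR_AES_CBC, 128), (INTEG, AUTH_HMAC_MD5_96, None), (DH, MODP_1536, None)}

if __name__ == "__main__":
    offered = parse_proposals(STRONGSWAN_IKE_AUTH)
    print("IKE_AUTH violations (no DH offered):", ike_auth_violations(offered))
    print("IKE_AUTH violations (DH offered):", ike_auth_violations(parse_proposals(FORTIGATE_STYLE_IKE_AUTH)))
    print("PFS required in IKE_AUTH:", select_proposal(offered, FORTIGATE_ACCEPTS, {ENCR, INTEG, DH}))
    print("PFS not required:", select_proposal(offered, FORTIGATE_ACCEPTS, {ENCR, INTEG}))
    print("CREATE_CHILD_SA with DH:", select_proposal(parse_proposals(STRONGSWAN_CREATE_CHILD),
                                                     FORTIGATE_ACCEPTS, {ENCR, INTEG, DH}))
```

Run as a script, the conformant IKE_AUTH proposal is rejected only when the responder insists on a DH type in IKE_AUTH (the log's "no proposal chosen"); with that requirement dropped it is accepted, and the same DH group is then negotiated in CREATE_CHILD_SA, which is where Martin's note says the modp1536 in `esp=` takes effect.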