For the examples in this section we shall assume that four hosts have had the racoon daemon installed and configured as shown below. Three of these hosts are on the private 10.0.1.0/24 range (connected to the Internet through a NAT enabled router) and one is on a static publicly addressable network address. To follow these examples on your own network you will need to modify the network addresses as appropriate.
As we shall just be testing our racoon configurations we shall not configure any Security Policies at this stage. The file below will ensure that both the Security Policy Database and the Security Association Database are empty and should be installed on all hosts.
#! /usr/sbin/setkey -f
# Flush the SPD and SAD
spdflush;
flush;
The example racoon configuration below should also be installed on all the hosts which will be used. We shall modify the configuration on some hosts as we progress through this section.
log info;
path pre_shared_key "/etc/racoon/psk.txt";
complex_bundle on;
remote anonymous
{
exchange_mode main;
passive off;
nat_traversal on;
dpd_delay 30;
proposal
{
encryption_algorithm aes;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group modp2048;
lifetime time 24 hour;
}
}
sainfo anonymous
{
encryption_algorithm aes, 3des;
authentication_algorithm hmac_sha512, hmac_sha384, hmac_sha256, hmac_sha1;
compression_algorithm deflate;
pfs_group modp1024;
lifetime time 12 hour;
}
In addition to the basic configuration provided above each pair of hosts will require a unique key. The table below lists some example keys which will be used to authenticate each peer combination. As you can see, the keys used to identify each host must be symmetrical.
Source | Destination | Key |
---|---|---|
10.0.1.1 | 10.0.1.2 | 0x619b8d214a283ea1fa2e58d19bd6234200bf50efce3cb420 |
10.0.1.1 | 10.0.1.3 | 0xca0f14b7b9e19f8e239e53e8fdb3456be3c50e40052f1e64 |
10.0.1.1 | 83.56.124.167 | 0x1d4f9b09620b5fbb07ec50aebf2af8be5927715f11b2b547 |
10.0.1.2 | 10.0.1.1 | 0x619b8d214a283ea1fa2e58d19bd6234200bf50efce3cb420 |
10.0.1.2 | 10.0.1.3 | 0x08e63d3267d2629fd11f35fe8294d48761967a415ffe6264 |
10.0.1.3 | 10.0.1.1 | 0xca0f14b7b9e19f8e239e53e8fdb3456be3c50e40052f1e64 |
10.0.1.3 | 10.0.1.2 | 0x08e63d3267d2629fd11f35fe8294d48761967a415ffe6264 |
83.56.124.167 | 10.0.1.1 | 0x1d4f9b09620b5fbb07ec50aebf2af8be5927715f11b2b547 |
Finally, using the table above, we can create the Pre-Shared Key (PSK) files which also need to be present on all the host machines. Clearly, on your own network you will need to use different network addresses and should change those in the example below as required.
10.0.1.2 0x619b8d214a283ea1fa2e58d19bd6234200bf50efce3cb420
10.0.1.3 0xca0f14b7b9e19f8e239e53e8fdb3456be3c50e40052f1e64
83.56.124.167 0x1d4f9b09620b5fbb07ec50aebf2af8be5927715f11b2b547
10.0.1.1 0x619b8d214a283ea1fa2e58d19bd6234200bf50efce3cb420
10.0.1.3 0x08e63d3267d2629fd11f35fe8294d48761967a415ffe6264
10.0.1.1 0xca0f14b7b9e19f8e239e53e8fdb3456be3c50e40052f1e64
10.0.1.2 0x08e63d3267d2629fd11f35fe8294d48761967a415ffe6264
10.0.1.1 0x1d4f9b09620b5fbb07ec50aebf2af8be5927715f11b2b547
If you wish to generate your own unique keys the command below should produce suitable output, although it will need prefixing with 0x before it may be used in the above file.
1d4f9b09620b5fbb07ec50aebf2af8be5927715f11b2b547
Now that all the participating hosts have been correctly configured, and the racoon daemons have been started, we can check that there are no existing ISAKMP Security Associations by using the racoonctl application, as shown below.
Destination Cookies ST S V E Created Phase2
As we have no Security Policies defined we shall have to initiate the establishment of an ISAKMP SA manually. The racoonctl application may be used for this purpose and an example invocation is provided below.
The example output below shows a successful negotiation from the point of view of the initiating host.
racoon: INFO: accept a request to establish IKE-SA: 10.0.1.1 racoon: INFO: initiate new phase 1 negotiation: 10.0.1.2[500]<=>10.0.1.1[500] racoon: INFO: begin Identity Protection mode. racoon: phase1(ident I msg1): 0.000657 racoon: INFO: received Vendor ID: RFC 3947 racoon: INFO: received Vendor ID: DPD racoon: INFO: received broken Microsoft ID: FRAGMENTATION racoon: [10.0.1.1] INFO: Selected NAT-T version: RFC 3947 racoon: oakley_dh_generate(MODP1024): 0.003821 racoon: [10.0.1.1] INFO: Hashing 10.0.1.1[500] with algo #2 racoon: [10.0.1.2] INFO: Hashing 10.0.1.2[500] with algo #2 racoon: INFO: Adding remote and local NAT-D payloads. racoon: phase1(ident I msg2): 0.005240 racoon: [10.0.1.2] INFO: Hashing 10.0.1.2[500] with algo #2 racoon: INFO: NAT-D payload #0 verified racoon: [10.0.1.1] INFO: Hashing 10.0.1.1[500] with algo #2 racoon: INFO: NAT-D payload #1 verified racoon: INFO: NAT not detected racoon: oakley_dh_compute(MODP1024): 0.003545 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000048 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=145): 0.000016 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000011 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000011 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=336): 0.000010 racoon: alg_oakley_encdef_encrypt(aes klen=128 size=48): 0.000115 racoon: phase1(ident I msg3): 0.007361 racoon: alg_oakley_encdef_decrypt(aes klen=128 size=48): 0.000021 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=336): 0.000015 racoon: oakley_validate_auth(pre-shared key): 0.000217 racoon: phase1(ident R msg3): 0.000700 racoon: phase1(Identity Protection): 0.730750 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000008 racoon: alg_oakley_encdef_encrypt(aes klen=128 size=64): 0.000008 racoon: INFO: ISAKMP-SA established 10.0.1.2[500]-10.0.1.1[500] spi:c975a7dfb6e52d2c:a61484394c7fe6e3 racoon: alg_oakley_encdef_decrypt(aes klen=128 size=64): 0.000009 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000013 racoon: [10.0.1.1] INFO: received INITIAL-CONTACT
The example output below shows a successful negotiation from the point of view of the responding host.
Feb 10 15:20:59 backup1 racoon: INFO: respond new phase 1 negotiation: 10.0.1.1[500]<=>10.0.1.2[500] racoon: INFO: begin Identity Protection mode. racoon: INFO: received Vendor ID: RFC 3947 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-08 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-07 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-06 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-05 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-04 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-01 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-00 racoon: INFO: received broken Microsoft ID: FRAGMENTATION racoon: INFO: received Vendor ID: DPD racoon: [10.0.1.2] INFO: Selected NAT-T version: RFC 3947 racoon: phase1(ident R msg1): 0.000845 racoon: [10.0.1.1] INFO: Hashing 10.0.1.1[500] with algo #2 racoon: INFO: NAT-D payload #0 verified racoon: [10.0.1.2] INFO: Hashing 10.0.1.2[500] with algo #2 racoon: INFO: NAT-D payload #1 verified racoon: INFO: NAT not detected racoon: oakley_dh_generate(MODP1024): 0.003742 racoon: [10.0.1.2] INFO: Hashing 10.0.1.2[500] with algo #2 racoon: [10.0.1.1] INFO: Hashing 10.0.1.1[500] with algo #2 racoon: INFO: Adding remote and local NAT-D payloads. racoon: oakley_dh_compute(MODP1024): 0.003518 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000044 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=145): 0.000018 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000012 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000011 racoon: phase1(ident R msg2): 0.029955 racoon: alg_oakley_encdef_decrypt(aes klen=128 size=48): 0.000142 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=336): 0.000018 racoon: oakley_validate_auth(pre-shared key): 0.000280 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=336): 0.000013 racoon: alg_oakley_encdef_encrypt(aes klen=128 size=48): 0.000007 racoon: phase1(ident R msg3): 0.001691 racoon: phase1(Identity Protection): 0.677624 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000008 racoon: alg_oakley_encdef_encrypt(aes klen=128 size=64): 0.000008 racoon: INFO: ISAKMP-SA established 10.0.1.1[500]-10.0.1.2[500] spi:c975a7dfb6e52d2c:a61484394c7fe6e3 racoon: alg_oakley_encdef_decrypt(aes klen=128 size=64): 0.000009 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000015 racoon: [10.0.1.2] INFO: received INITIAL-CONTACT
We can also use the racoonctl application, as before, to verify that an ISAKMP SA has been established. The examples below show the expected output from the initiator and the responder respectively.
Destination Cookies ST S V E Created Phase2
10.0.1.10.500 c975a7dfb6e52d2c:a61484394c7fe6e3 9 I 10 M 2012-02-10 15:21:00 0
Destination Cookies ST S V E Created Phase2
10.0.1.2.500 c975a7dfb6e52d2c:a61484394c7fe6e3 9 R 10 M 2012-02-10 15:21:00 0
Once we are sure that the racoon daemons are configured correctly and that a Phase 1 Key Exchange is possible between the participating hosts we can move on to actually securing some network traffic.
So that we can still contact the participating hosts using ssh should something go wrong, and to avoid unduly disrupting other network traffic in the event of such a misconfiguration, we shall use a very selective Security Policy which will ensure that ICMP packets sent between two hosts will be secured with an Authentication Header. Clearly, this Security Policy may be easily extended to cover other network traffic once we are confident that everything is working as intended.
#! /usr/sbin/setkey -f
# Flush the SPD and SAD
spdflush;
flush;
# Require IPsec AH when sending/receiving ICMP packets
spdadd 10.0.1.1/32 10.0.1.2/32 icmp -P in ipsec ah/transport//require;
spdadd 10.0.1.2/32 10.0.1.1/32 icmp -P out ipsec ah/transport//require;
As you can see from our two example IPsec configurations (above and below) we have secured ICMP traffic between two hosts using an Authentication Header. It is extremely important that the source and destination addresses as well as the direction are all correct if the rule is to function correctly. Once the desired IPsec policy has been tested the source and destination addresses may be replaced with the base address and network mask of the local area network segment to apply the policy to all communications on that network segment.
#! /usr/sbin/setkey -f
# Flush the SPD and SAD
spdflush;
flush;
# Require IPsec AH when sending/receiving ICMP packets
spdadd 10.0.1.2/32 10.0.1.1/32 icmp -P in ipsec ah/transport//require;
spdadd 10.0.1.1/32 10.0.1.2/32 icmp -P out ipsec ah/transport//require;
When the new security policy configurations have been created the racoon daemon will need restarting on all participating hosts, as shown below.
We can now initiate a Phase 2 Key Exchange using either of the two methods below. The first uses the racoonctl application to manually establish an IPsec SA suitable for use with AH and ICMP. The second method uses the ping utility to generate some ICMP traffic which matches our policy which should cause the kernel to automatically signal the racoon daemon to establish a suitable SA.
64 bytes from 10.0.1.10: icmp_req=3 ttl=63 time=0.351 ms
--- 10.0.1.10 ping statistics ---
3 packets transmitted, 1 received, 66% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.351/0.351/0.351/0.000 ms
As before we can check the system log to see if everything worked as expected. The example below shows the logs from the initiating side.
racoon: INFO: initiate new phase 2 negotiation: 10.0.1.2[500]<=>10.0.1.1[500] racoon: oakley_dh_generate(MODP1024): 0.001871 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=316): 0.000007 racoon: alg_oakley_encdef_encrypt(aes klen=128 size=352): 0.000011 racoon: phase2(quick I msg1): 0.002035 racoon: alg_oakley_encdef_decrypt(aes klen=128 size=256): 0.000012 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=248): 0.000009 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=37): 0.000006 racoon: alg_oakley_encdef_encrypt(aes klen=128 size=32): 0.000004 racoon: oakley_dh_compute(MODP1024): 0.001803 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000007 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000010 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000007 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000007 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000005 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000007 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000007 racoon: phase2(quick I msg2): 0.006034 racoon: INFO: IPsec-SA established: AH/Transport 10.0.1.2[500]->10.0.1.1[500] spi=111521208(0x6a5adb8) racoon: phase2(quick): 0.011202 racoon: INFO: IPsec-SA established: AH/Transport 10.0.1.2[500]->10.0.1.1[500] spi=6242900(0x5f4254)
For completeness the logs from the responding side are provided below.
racoon: INFO: respond new phase 2 negotiation: 10.0.1.1[500]<=>10.0.1.2[500] racoon: alg_oakley_encdef_decrypt(aes klen=128 size=352): 0.000014 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=316): 0.000008 racoon: phase2(???): 0.000139 racoon: oakley_dh_generate(MODP1024): 0.001804 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=248): 0.000005 racoon: alg_oakley_encdef_encrypt(aes klen=128 size=256): 0.000007 racoon: phase2(quick R msg1): 0.001918 racoon: alg_oakley_encdef_decrypt(aes klen=128 size=32): 0.000005 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=37): 0.000007 racoon: oakley_dh_compute(MODP1024): 0.001848 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000007 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000012 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000008 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000012 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006 racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006 racoon: phase2(???): 0.005316 racoon: INFO: IPsec-SA established: AH/Transport 10.0.1.1[500]->10.0.1.2[500] spi=6242900(0x5f4254) racoon: phase2(quick): 1330361124.076928 racoon: INFO: IPsec-SA established: AH/Transport 10.0.1.1[500]->10.0.1.2[500] spi=111521208(0x6a5adb8)
We can also use the racoonctl application to check that the correct Security Associations were established, as shown in the following example.
10.0.1.2 10.0.1.1 ah mode=transport spi=6242900(0x005f4254) reqid=0(0x00000000) A: hmac-sha512 e7fced21 dd353450 d3d5965d 2bd1eb9f 1509f107 7b0fae85 02764bff 6876051a ad908c13 seq=0x00000000 replay=4 flags=0x00000000 state=mature created: Feb 27 17:45:21 2012 current: Feb 27 17:46:22 2012 diff: 61(s) hard: 43200(s) soft: 34560(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 0 hard: 0 soft: 0 sadb_seq=1 pid=32273 refcnt=0 10.0.1.1 10.0.1.2 ah mode=transport spi=111521208(0x06a5adb8) reqid=0(0x00000000) A: hmac-sha512 2a2ba836 0c553cba cb979c94 f501808c ed0b4919 efe36baf e8dff055 1fb6bb6a 6077e784 seq=0x00000000 replay=4 flags=0x00000000 state=mature created: Feb 27 17:45:21 2012 current: Feb 27 17:46:22 2012 diff: 61(s) hard: 43200(s) soft: 34560(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 0 hard: 0 soft: 0 sadb_seq=0 pid=32273 refcnt=0
Whilst the racoon daemon greatly simplifies the configuration of security policies You may well have noticed, while examining the examples in this section, that the use of Pre-Shared Keys has