diplomna_rabota_FN21110

of 72/72
1 ФМИ - СУ “Св. Климент Охридски” Катедра “Информационни технологии” Тема: VPN достъп до мрежата на СУ SUnet за индивидуални потребители и отдалечени звена Дипломант: Цветомир Милчев Христов, Ф.№ 21110, специалност: ИКТ Ръководител: доц. Красен Стефанов,ФМИ, Катедра “Информационни технологии” Гр.София 15.07.2006 г.
  • date post

    26-Aug-2014
  • Category

    Documents

  • view

    141
  • download

    2

Embed Size (px)

Transcript of diplomna_rabota_FN21110

- .

: VPN SUnet

: , . 21110, : : . ,,

. 15.07.2006 .

1

1. VPN. 1.1. (VPN) 1.2. VPN 1.3. VPN 1.4. , VPN 1.5. , VPN 1.6. VPN 1.7. VPN 2. IPSec. 2.1. , IPSec. 2.2. Encapsulating Security Payload (ESP) 2.3. Authentication Header (AH) 2.4. Internet Key Exchange (IKE) 3. Openswan VPN . 3.1. ipsec.conf. Openswan 3.2. K ipsec.secrets. 4. SUNet ADSL . . 4.1. Openswan 4.2. Openswan vpn.uni-sofia.bg 4.3. L2TP PPP vpn.uni-sofia.bg 4.4. Openswan 4.5. Windows XP Openswan l2tp/ipsec

2

,

. (Virtual Private Network VPN) . VPN , , , , .., , , . , VPN , , , . , . , VPN - , . IPSec . Openswan, VPN . VPN SUNet, penswan , .

3

1. VPN: SSL IPSec. 1.1. (VPN). VPN (Virtual Private Network - ) ( , . ) , . VPN , (Point-to Point). , , . virtual private networking. , () (header ), , (). , . , , . , , . , , . 1.1 .

1.1.

VPN , , ( ). VPN 4

. , . VPN ( ), . VPN (wide area network - WAN) . , , . , . : , , , , . , . - , , . VPN . 1.2. VPN. . VPN , .

5

1.2.

, VPN . . dial-up . . VPN . , Frame Relay, WAN , . VPN

: VPN . , VPN VPN . VPN (Demand-Dial VPN Networking). dial-up VPN - , , .6

.

, LAN . , , LAN . 1.3. VPN. VPN , , (data integrity) . . LAN , . , VPN : . VPN VPN . VPN. . VPN , , dns , . . , , VPN . . . , VPN , , ,

7

, . 1.4. , VPN. , . : 1. . , . ( ) , . (plain) (cipher). , cipher plain . : 3DES (Triple DES) DES (Data Encryption Standard). Triple DES DES 56- . BlowFish, TwoFish, Goldfish. BlowFish 64- , , 32 448 . . Goldfish Twofish Blowfish. AES (Advanced Encryption Standard) - AES - , Rijndael, 2000 . 128 , 192 1024 . 2. .

, . - , . - , , - . - :8

RSA (Rivest Shamir Adleman) - , , . DSA (Digital Signature Algorithm) . Diffie-Hellman .

, . RSA , DSA VPN , Diffie-Hellman . - DSA Diffie-Hellman .

. : : 112- . : 1024- 2048- . 1.5. , VPN. 1.5.1. . (, ) , (message digests). , . . 9

, - , . : MD5 (Message Digest) MD2 MD4, 128- . SHA1 (Secure Hash Algorithm) , 512 160- . MAC (Message Authentication Codes) , , . HMAC (Hash Message Authentication Codes) , . , - MD5 SHA. 1.5.2. , VPN . (Pre shared secret). . . , . , (certification authority -CA), . , , , , CA. CA , . , ,

10

. . 1.6. VPN. . , , , . . , , , , PFS (Perfect Forward Secrecy). PFS , . Denial of service ( ). DoS , , . : . - . , . . PPTP Denial-of-Service (DoS) Windows NT, OpenBSD , AH/ESP ( IPSec), DoS, Windows 2000 IKE IPSec. . VPN , Windows, VPN . VPN .

11

Man in the middle . spoof- ( , ). Diffie-Hellman . ( HMAC ). Replay . , . 1.7. VPN. VPN 2 3 Open System Interconnection (OSI) 1.3. , 2, L2TP PPTP. VPN, 3, IP . 3 IPSec, L2TP 3.

7 6 5 4 3 2 1

OSI 1.3.

TCP/IP

TCP,UDP IP , ICMP

1.7.1. PPTP VPN . Point-to-Point Tunneling Protocol (PPTP) , Cisco Windows, . Point-to-Point Protocol (PPP), o . PPP 12

Generic Routing Encapsulation (GRE) , RFC 1701 1702. IP , . PPP IP, IPX NetBEUI .

IP Header

GRE Header

PPP Header 1.4.

PPP Payload

PPTP : MSCHAP-v2 EAP-TLS, . Microsoft MSCHAP-v2 PPP e MSCHAP-v1 Challenge Handshake Authentication Protocol (CHAP). MSCHAP . PPTP Microsoft Point-to-Point Encryption (MPPE). MPPE PPP RSA RC4 , 40, 56 128-. PPTP. PPTP , Microsoft Windows Windows 95. , MacOS PDA . VPN EAP-TLS, . NAT (Network Address Translation). VPN , , , , , , replay .

13

1.7.2. L2TP VPN . Layer 2 Tunneling Protocol (L2TP) (datalink) OSI ( ). - PPP L2TP , PPTP. . L2TP IP UDP L2TP- . L2TP UDP, L2TP- PPP . / , Microsoft L2TP .

IP Header

UDP Header

L2TP Header

PPP Header 1.4.

PPP Payload

L2TP - IPSec, , . L2TP/IPSec RFC3193. L2TP PPTP, : L2TP ; , ; , IP, ATM Frame Relay . L2TP/IPSec , . Windows Server 2003, Windows XP, Windows 2000 L2TP , Microsoft L2TP/IPsec VPN Client. 1.7.3. IPSec VPN. IPSec (Internet Protocol security) IP, , Internet Protocol .

14

IPSec , IP, : ; ; . , IPSec: (Authentication Header) - IP . ESP (Encapsulating Security Payload) IP . IKE (Internet Key Exchange) - , . IPSec e , ( ), ( ), . IPSec , , VPN 2. 1.7.4. VPN , - . , 3 OSI . , SSL, SSH TLS, 4-7 OSI. OpenVPN, . OpenVPN VPN, Secure Socket Layer/Transport Socket Layer (SSL/ TSL) , . : , (site-to-site), , , (failover) 15

. , (firewall), VPN-. Universal/ Tap Device Driver. Tun , , Tap Ethernet . OpenVPN. SSL . . OpenVPN RSA/DHE. OpenVPN OSI 2 3 , . , , VPN. OpenVPN : 1. - (pre-shared key), . . 2. , -, X.509 . 3. OpenVPN (Pluggable Authentification Module, PAM). , . OpenVPN : (SSL/ TLS), RSA X509 PKI; ; ; IP NAT; ;16

- Linux, Solaris, OpenBSD, FreeBSD, NetBSD, Mac OS X, and Windows 2000/XP; ; - GNU License . IPSec, IKE, PPTP L2TP. 2. IPSec. 2.1. , IPSec. IPSec IPv4 IPv6 . , (integrity) , , (replays), ( ) . IP. , IPSec (firewall). - , IPSec . IPSec (security gateway - SG) IPSec . . , a IPSec, , (Security Policy Database - SPD) / . IP (PROTECT) IPSec , (DISCARD) IPSec (BYPASS). IPsec (Security Association - SA). , IPSec VPN - AH ( , , IP ) ESP ( IP ), SA. Internet Key Exchange (IKE).17

, , , , . SA , , , AH ESP (: DES , 3DES, AES MD5 SHA-1 ). , , AH ESP, , SA. oo IPSec , SA ( ). IKE SA. IPSec VPN SA: ISAKMP (Internet Security Association Key Management Protocol), IKE. IKE SA , - . IPSec SAs. IPSec SA . IPSec SAs . IPSec SA : 1. Security parameter index (SPI) 32- , SA. 2. IP . 3. , SA AH ESP. SA Security Association Database (SAD). . IPSec RFC 4301. . , IPSec , . IPSec . Authentication Header (RFC 4302) IP , Encapsulating Security Payload (RFC 4303) - , IP , .. - . 18

. / . , AH ESP, . - . IPSec IP . IP , IPsec . . VPN . , . . IPSec , . IP , . TCP/IP , . , IPSec IP . IPSec . : . , , . , . , VPN. . VPN VPN , , .

19

, . VPN . , VPN , . SA SA . . - VPN IPSec . ,

. VPN . , , . , , , . , IP . , IP . : . IP , , . IP , , VPN. IPSec . . VPN .20

2.2. Encapsulating Security Payload (ESP). RFC 4303. ESP - , , , (anti-replay) . . IP , . IP , . Security Association (SA) .

IP

IP Header IP HeaderESP Header

TCP Header TCP HeaderTCP Header

Data

Transport Mode

ESP HeaderIP Header

Data

ESP TrailerESP Trailer

ESP AuthentESP Authent

Tunnel Mode

NEW IP Header

Data

2.1. ESP .

ESP . ESP SA. ESP , (: DES, 3DES, AES). , . , , . , ESP, . . ESP , AH .

21

ESP . ESP IP VPN. IP 50, ESP 50 (IANA). 2.2. ESP SA.

Security Parameters Index (SPI) Sequence Number Field Payload Data (Variable) Optional Padding (0-255) Pad Len. Next Header Authentication Data (Variable)

2.2. ESP

SPI 32- . 1 255 , ISAKMP SA. Sequence Number Field ( ) (replay) . , SA. , SA SA. Payload data , , - . . (initialization vector-IV), . Padding , , . , . Padding , pad 4- .22

Pad Length , padding, . Padding , . Pad Length , pad. Next Header 8- , , Payload data. , . Authentication Data , Integrity Check Value (ICV), ESP Authentication Data. . Authentication Data , SA . ESP . : . . , ESP. , . 1. Payload. , IP . 2. padding. Pad Length Next Header. 3. , , pad, pad length next header. (IV), . 4. ESP . . , . 5. , ESP (SPI Sequence number) Payload,

23

, padding Next Header. . . , ESP . : 1. SPI ESP IP SA SA. , . 2. , . 3. SA, , ESP. 4. - IP SA. 5. SPD , SA. 6. IP . ESP replay . IPSec , - . . , , , . RFC (RFC2406) , . ESP , . authentication payload.24

, . ESP , RFC. ESP , . 2.3. Authentication Header (AH). , () - Authentication Header (AH), RFC 4302. , . . . , . ESP, . IP , IPSec . , IP . IP , .

IP

IP Header AH Header

TCP Header

Data

Transport Mode

IP HeaderAH Header

AH Authentification Data IP Header

TCP Data Header TCP Header Data

Tunnel Mode

NEW IP Header

AH Authentification Data

2.3.

25

2.4. , :

Next Header

Payload Len Reserved Security Parameter Index (SPI) Sequence Number Field Authentication Data

2.4. AH Header.

IP 8- 51, 51 IANA. ESP Next Header , . 8- , Authentification Header. Payload Length 8- , 32- 2. Reserved 16- , . . SPI 32- , ESP. Authentication Data , . . - 32 , padding. , . ESP : . : 1. SA . 2. , IP SPI. 3. .26

4. , . , , , ESP. : IP , . . ;

. ,

, . , . , . . . IP : version IP header length total length identification protocol (51 ) source address destination address.

: type of service all flags fragment offset time to live (TTL) header checksum.

27

. ESP, , IPSec . , : 1. SPI IP SA SA. , . 2. , . 3. SA, , . 4. IP . 2.4. Internet Key Exchange (IKE). IKE Oakley SKEME , Internet Security Association and Key Management Protocol (ISAKMP). ISAKMP , . Oakley SKEME , , . IKE (rekeying), . IKE SA, IKE SA IPSec SA. IKE SA , , IKE, .. IKE SA , IPSec SA . Oakley , ISAKMP . IKE , , . 1 ISAKMP , . . . ISAKMP Security Association. ,

28

1, Main Mode Aggressive Mode . 2 Quick Mode New Group Mode. Quick Mode SA . New Group Mode 2, , , 1. 2 SA IPsec , / . Quick Mode 2 . New Group Mode 1 , . ISAKMP SA . , Quick Mode, Informational New Group Mode . ISAKMP SA , . 1 SA. Main Mode , Aggressive Mode - . 2.4.1. ISAKMP . 1 2 ISAKMP , payload ( ). ISAKMP ISAKMP , . 13 payload-, ISAKMP . , SA. . 2.5. ISAKMP 28- . 8- , , SA. . (denial-of-service),

29

, , .

Initiator Cookie Responder Cookie Next Pay MJ Ver. MN Ver. Flags

Message ID Length 2.5. ISAKMP .

Next Payload ISAKMP Generic Payload. 8- , 255 , 13 ISAKMP/ IKE. Major Minor ISAKMP, . xchange type . , ISAKMP: NONE 0 Base 1 Identity Protection 2 Authentication Only 3 Aggressive 4 Informational 5 ISAKMP Future Use 631 DOI Specific Use 32239 Private Use 240255 Flag . Message ID , 2. Length payloads ISAKMP . 2.4.2. Payload-, IKE. Generic Payload . payload- . IKE . payload generic .30

Next payload

Reserved

Payload Length

2.6. Generic Payload.

Next Payload Length ISAKMP . ISAKMP . Security Association Payload , SA.

Next Pay

Reserved DOI Situation

Payload Length

2.7. Security Association Payload.

Proposal Payload , SA. , , . Proposal payload transform payload, SA.

Next Pay Proposal#

Reserved Protocol ID SPI

Payload Length SPI Size # of Trsfms

2.8. Proposal Payload.

Proposal payload: Proposal number (Proposal #) . . Protocol ID , , ESP H. SPI size , IPSec.

31

Transform Payload . Transform # , transform payload. , ESP DES MD5 , transform payload-. Transform ID , . SA Attributes payload - Information Attributes.

Next Pay Transforml#

Reserved Transform ID SA Attributes

Payload Length Reserved

2.9. Transform payload.

Identification Payload. Payload .

Next Pay ID Type

Reserved Protocol ID Identification Data

Payload Length Port

2.10.

ID_Type , IP v4 , FQDN, IP v4 , IPv6 , IPv6 . Certificate Payload. Payload , .

Next Pay Cert encode

Reserved

Payload Length Cerificate Data

2.11. Certificate Payload.

certificate encoding , :

32

PKCS #7 wrapped X.509 certificate 1 PGP Certificate 2 DNS Signed Key 3 X.509 Certificate - Signature 4 X.509 Certificate - Key Exchange 5 Kerberos Tokens 6 Certificate Revocation List (CRL) 7 Authority Revocation List (ARL) 8 SPKI Certificate 9 X.509 Certificate - Attribute 10 RESERVED 11255 certificate encoding , . Certificate Request Payload . , . VPN , . Notification Payload . , payload- (), . , , SA . Delete Payload SA , e SA SPD SAD (SA Database). 1 2 ISAKMP payload- . payload-, Transform payload, attribute payload, payload.

AF Attribute Type AF=0 Attribute Value AF=1 Not used

Attr.Length/Attr.Value

2.12. .

33

ttribute payload : AF, Attribute Type , Attribute Length , Attribute Value . AF 0, . AF 1, , payload- 4 . 1. IKE a 1 IKE, 2, IPSec SA. IKE IKE . IKE RFC, IPSec DOI ISAKMP RFC. IKE : Encryption Algorithm Hash Algorithm Authentication Method Group Description Group Type Group Prime/Irreducible Polynomial Group Generator One Group Generator Two Group Curve A Group Curve B Life Type Life Duration PRF Key Length Field Size Group Order 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

1, , IKE . 1 2 IKE, . : DES-CBC IDEA-CBC Blowfish-CBC RC5-R16-B64-CBC 1 2 3 434

3DES-CBC CAST-CBC AES-CBC Camelia-CBC

5 6 7 8

2, , , IKE . : MD5 SHA Tiger SHA2-256 SHA2-384 SHA2-512 1 2 3 4 5 6

3, , , IKE. , : Pre-shared key DSS signatures RSA signatures Encryption with RSA Revised encryption with RSA 1 2 3 4 5

4 10 DiffieHellman. 11, life , , 12, 11. 13, - , . IPSec ISAKMP - HMAC . Key length , . , . Diffie-Hellman. 2. 2 IKE, Quick Mode , IPSec SA IKE. 2 SA payload-, 35

proposals and transform payload- IPSec SA. , 1 IKE, IKE SA. Proposal () transform payloads. proposal payload- IPSec , transform payload- transform . IPSec VPN ESP DES MD5 ID , IPSEC-ESP, transform ID ESP-DES payload, SA, HMAC MD5 . 2 IPSec SA : SA Life Type SA Life Duration Group Description Encapsulation Mode Authentication Algorithm Key Length Key Rounds Compress Dictionary Size Compress Private Algorithm 1 2 3 4 5 6 7 8 9

Life Type 1. SA. Group description 2 Diffie-Hellman . Encapsulation mode . Tunnel Transport 1 2

Authentification Algorithm : HMAC-MD5 HMAC-SHA DES-MAC KPDK 1 2 3 4

6, 7 8, IPSec 0.

36

Compress private algorithm , . 2.4.3. 1. SA, ISAKMP, 1. 1 SA ISAKMP , IPSec SA. 1 , . 1 Diffie-Hellman, 1 2. 1 . 1 Main Mode, Aggressive Mode Base Mode. Main Mode Aggressive Mode. , IKE ISAKMP RFC, Base Mode . SA. Main Mode , Aggressive Mode , Base Mode . 2.4.3.1. Main Mode. SA Main Mode . SA, Diffie-Hellman nonce ( ) . 2.13. 2.14.

37

1 2 3 4 5 6

ISAKMP Header & SA Proposal and Sets ISAKMP Header & Accepted SA Proposal and Set ISAKMP Header, KE & Nonce ISAKMP Header, KE & Nonce ISAKMP Header, ID_i & HASH ISAKMP Header, ID_r & HASH

2.13. Main mode .

1 2 3 4

ISAKMP Header & SA Proposal and Transformsets ISAKMP Header & Accepted SA Proposal and Transformset (only one) ISAKMP Header, KE, Nonce, & optional Certificate Request ISAKMP Header, KE & NonceISAKMP Header, KE, Nonce, & optional Certificate Request ISAKMP Header, ID_i, Signature, & optional Certificate ISAKMP Header, ID_i, Signature, & optional Certificate

5 6

2.14. Main mode .

, IP . . , ISAKMP SA . SA proposal transform payload-, . . . ISAKMP SA , proposal transform payload , . .38

, - , , IKE. Diffie-Hellman, . . Diffie-Hellman nonce. Nonce , , - . Diffie-Hellman . : 1. SKEYID, , . PFS (perfect forward secrecy- ) , , 1 2. 2. SKEYID_d SA 2 (.. IPSec). 3. SKEYID_a , . 4. SKEYID_e , IKE . ,

, , SKEYID. , SKEYID, . - (prf) , . Prf , , , . : Digest = prf (key/seed, data1 | data2 | data3) , SKEYID : SKEYID = prf (pre-shared key, Nonce_i | Nonce_r)39

: / () 1 2 () 3 (ESP-DES ESP MD5-HMAC).

, : SKEYID = prf (Nonce_i | Nonce_r, DH_key), Nonce_i Nonce_r , DH_key , Diffie-Hellman Diffie-Hellman. , , . SKEYID_d = prf (SKEYID, DH_key | Cookie_i | Cookie_r | 0) SKEYID_a = prf (SKEYID, SKEYID_d | DH_key | Cookie_i | Cookie_r | 1) SKEYID_e = prf (SKEYID, SKEYID_a | DH_key | Cookie_i | Cookie_r | 2) , SKEYID, , . , . , , , IP . Identification Payload , IP , fully qualified domain name (FQDN). ID payload- , , IP . Main Mode 1 , , IP . Main Mode . , IP , , IP , . , IP40

. , . Aggressive Mode, ID payload- . . ISAKMP , ID payload HASH payload . SKEYID_e. HASH , , - ID payload. : HASH = prf (SKEYID, Ya | Yb | Cookie_i | Cookie_r | SA offer | ID_i) HASH a . 2.4.3.2. Aggressive Mode. Aggressive Mode , Main Mode , - Main Mode. Aggressive Mode - , . , payload- , . , Diffie-Hellman , SA payload. Aggressive Mode , Main Mode ID payload-. Aggressive Mode ID payload- . Aggressive Mode , . , - , - - . Aggressive Mode IKE SA , ID payload. , ID payload .41

, , IP (.. ). , IP , , . Aggressive Mod , Main Mode. ID payload- . ID payload- ID_USER_FQDN, , ID_KEY_ID. ID_KEY_ID, IP Security Domain of Interpretation (RFC 2407), , , . , VPN. , , .

1

ISAKMP Header, SA Proposal & Transformsets, KE, Nonce, and ID payload ISAKMP Header, SA Proposal & Transformsets, KE, Nonce, ID payload, and HASH_r and Set ISAKMP Header and HASH_i

2 3

2.15. Aggressive Mode - .

1

ISAKMP Header, SA Proposal & Transformsets, KE, Nonce, and ID payload ISAKMP Header, SA Proposal & Transformsets,KE, Nonce, ID payload,Signature, and Optional Certificate ISAKMP Header, optional Certificate, and Signature

2

3

2.16. Aggressive Mode - . 42

Aggressive Mode Main Mode, , IP . 2.4.4. 2. SA, 1, ISAKMP 2, IPSec SA. 1 , - , , IKE SA. SA IPSec 2 . SA ESP AH. , , VPN , . IKE ISAKMP SA, - . 2 IKE ISAKMP, IPSec VPN. 2.4.4.1. Quick Mode. Quick Mode 2 1, IKE SA. SKEYID_a, SKEYID, Quick Mode, SKEYID_e , . , 2 . Quick Mode 1 . ISAKMP SA payload transformset. 1, Quick Mode. 2. Quick Mode ,

43

1, IPSec. Quick Mode SA IPSec. IPSec 3DES SHA , DES . , SA. Quick Mode SA IPSec . SA, SA. , SA , nonces, . , Quick Mode , ID ISAKMP Quick Mode. ID ISAKMP Quick Mode, . , ID Quick Mode IP 1. , Quick Mode , . IKE ID payload-, ID payload-, . ID payload- , FQDM 1. ID- , SPD SAD IPSec. , . ID payload , SA payload- . SA , . a SPD S ,44

. SPD , , ID payload- SAD. SAD SPD , ID SA , , ID payload-. ID payload- , PFS. , Diffie-Hellman . . Quick Mode .2.17. , SKEYID_e SKEYID_a.

1

ISAKMP Header, HASH(1), SA Proposal and Transformsets, Nonce_i, Optional KE, CID_i, and CID_r ISAKMP Header, HASH(2), SA Proposal and Transformsets, Nonce_r, Optional KE, CID_i, and CID_r ISAKMP Header & HASH(3)

2

3

2.17.

, HASH payload-. , (HASH) . (HASH) PFS KE. , SA, SA payload. SA payload IPSec SA, , SA payload- Quick Mode.

45

HASH payload- ( ( )). HASH(1)prf ( SKEYID_a, M-ID | SA offer | Nonce_I | (KE) | (CID_I) | (CID_r)). HASH(1) , . HASH(1) . HASH(2)prf ( SKEYID_a, M-ID | Nonce_I | SA offer | Nonce_r | (KE) | (CID_I) | (CID_r)). HASH(1), HASH(2) , nonce . HASH(3)prf ( SKEYID_a, 0 | M-ID | Nonce_I | Nonce_r). HASH nonces ID . , IPSec . , , Quick Mode, (replay atack), (denial-of-service attack). M-ID ID ISAKMP , Quick ode SA. 1, KE Diffie-Hellman, IPSec. CID_I CID_r ID payload- . SKEYID_a HASH . IPSec. SKEYID_d 1, 2, IKE. IPSec SA . Quick Mode SA, SA . SPI, , SA. , IPSec, Quick Mode. PFS, KE, Diffie-Hellman 46

, IPSec, : KEY = prf (SKEYID_d, protocol | SPI | Nonce_i | Nonce_r) PFS. KEY = prf (SKEYID_d, DH_key(QM) | protocol | SPI | Nonce_i | Nonce_r) PFS. PFS , Diffie-Hellman Quick Mode. ISKAMP transformsets. . SPI protocol, SA, . SPI SA. SA , SA. Quick Mode . 1. Quick Mode. , IKE IPSec . IPSec Quick Mode, IKE SA . IKE SA Quick Mode SA. 2.4.4.2. New Group Mode. New Group Mode e , IKE, Diffie-Hellman , 1. , , SA payload. DiffieHellman, .

47

1 2

ISAKMP Header, HASH(NG1), and SA Proposal ISAKMP Header, HASH(NG2), and SA Proposal

2.18.

2.18. , New Group. ISAKMP , SA payload, c DiffieHellman . HASH(NG1) HASH(NG2) SKEYID_a, 1 - IKE HASH(NG1) = prf ( SKEYID_a, Message ID | Entire SA proposal, header and payload) HASH(NG2) = prf ( SKEYID_a, Message ID | SA reply) IPSec. IPSec IP . , , - : IPse , . , IPse , . IPse . IPse (end-to-end). , - . IPse IP , . IPse , , , .

48

. - , LAN . IPse . , - . , , . IPse - . man-in-the-middle. IPse , . IPse , ID , . IPse , , . , , IPse. IPse (traffic analysis). . IPse , gateway .

49

3. Openswan VPN . VPN , . - SUNet C 62.44.96.0/19.

3.1. - SUNet

, , , NAT , () - celk.uni-sofia.bg 62.44.96.183 192.168.0.0/24. : VPN Windows 2000/XP. VPN , . : IP - NAT (Network Address Translation - , RFC 1631). , ADSL . ADSL ADSL , ADSL ISDN , 10BaseT RJ45 Ethernet.50

NAT (WAN) (LAN) . : IP IANA/ RIPE, / . ADSL IP DHCP (LAN) . IP , RFC 1918 - . 192.168.1.x. 253 . 3. NAT ADSL IPSec VPN , NAT-T, a RFC-3942 RFC-3948 2005 . NAT IPSec, ESP AH UDP 4500 IPSec NAT .

3.2 ADSL

VPN vpn.uni-sofia.bg. , . SUNet VPN --. - ADSL,

51

IPSec VPN 3.. VPN --.

3.3 Openswan ADSL .

VPN - , 23 Aleph 62.44.11.2, SUNet. , 23 Border . VPN , , . - ADSL , . VPN IPSec . IPSec Windows 2000, Windows XP Windows 2003 Server, Openswan Strongwan - IPSec Frees/WAN. VPN vpn.uni-sofia.bg, Fedora Core 5 , -SUNet 192.168.24.0/24 . IPSec . Openswan. Openswan IPSec . , IPSec. , IP52

, NAT , ADSL. X.509 2.6., Frees/WAN Strongwan, 2.4. , GNU General Public License. Openswan IPSec : KLIPS (kernel IPSec) - AH, ESP , . Pluto (IKE daemon) - IKE, . . 3.1. ipsec.conf. Openswan. , Openswan VPN, /etc/ipsec.secrets, , /etc/ipsec.conf, . ipsec.conf - config setup, , conn. CONN. CONN , , IPSec. . 172.16.0.0/24 10.0.0.0, Openswan. , . penswan. IP gateway-a. /etc/ipsec.conf. conn left-to-right left=192.0.2.2 leftsubnet=172.16.0.0/24 IP 53

leftnexthop=1.1.1.1 right=2.2.2.2 rightsubnet=10.0.0.0/24 rightnexthop=2.2.2.1 auto=add #

gateway IP gateway

Openswan 2 - manual auto ( ). automatic keying ( )

: IP gateway-to-gateway . , , , . IPSec . . . , , , left right . , ; , , , . CONN. - . , . type - . tunnel, . , . transport .54

left - IP . %defaultroute interfaces=%defaultroute config , left , , leftnexthop. left, right %defaultroute, . %any IP . leftsubnet - network/netmask. leftnexthop - gateway IP . leftupdown - . Leftfirewall - ( , ( ). yes ( ) no. CONN . . . keyexchange - . ike. auto - IPSec. add ( ipsec auto --add), route (ipsec auto --route), start (ipsec auto --up) ignore ( ) ( ). , plutoload plutostart . , ( , ,

55

auto=start, , ). auth - ESP AH. esp ah. authby - gateway . secret rsasid rsa . leftid

. left, IP FQDN, @. leftrsasigkey - RSA RFC 2537. leftrsasigkey2 - , . pfs - Perfect Forward Secrecy ( pfs , -). yes no. keylife - ( ) . , , m, h d, , . rekey - . rekeymargin - . keylife. rekeyfuzz - , rekeymargin . , . , 100%, . keyingtries - , . 3, 0 .

56

ikelifetime - . 1 , 8 . compress - . . yes no, no e . disablearrivalcheck - KLIPS , , . yes no. CONN . . . - AH ESP, . spi - spi . 0xhex, hex , KLIPS 0x100, 0x100 0xfff. Spibase - spi spi . 0xhex0, hex , KLIPS - 0x100, 0x100 0xff0. esp - ESP . , ipsec_spi(8), 3des-md5-96. ESP. espenckey - ESP . leftespenckey rightespenckey. espauthkey - ESP . leftespauthkey rightespauthkey. espreplay_window - ESP replay-window 0 64. , ESP . leftespspi - SPI, ESP , , spi spi base.

57

ah - AH , , hmac-md5-96. ahkey - AH , . leftahkey rightahkey. ahreplay_window - AH replay-window 0 ( , ) 64. leftahspi - SPI, AH- , spi spi base. CONFIG. config setup, , penswan. config setup interfaces="ipsec0=eth1 ipsec1=ppp0" klipsdebug=none plutodebug=all manualstart= plutoload="snta sntb sntc sntd" plutostart= - , , : interfaces - , , IPSec. forwardcontrol - ip forwarding ( ) IPSec. syslog - log IPSec. klipsdebug - KLIPS . none , all . plutodebug - Pluto . none , all . manualstart - IPSec. , , , . pluto - Pluto . yes no.58

plutoload - ( ) Pluto. , , , . %search, auto=add, auto=route auto=start. plutostart - IPSec. , , , . %search, auto=add, auto=route auto=start. plutowait - Pluto Plutostart . plutobackgroundload - , . . prepluto - shell, Pluto. postpluto - shell, Pluto. packetdefault - , KLIPS, eroute. pass, , drop ( ), , reject - drop, icmp . hidetos - TOS 0 . yes ( ) no. uniqueids - ID , , ID IP . yes no, . overridemtu - MTU IPSec . 3.2. ipsec.secrets. . IP , :

59

# sample /etc/ipsec.secrets file for 10.1.0.1 10.1.0.1 10.2.0.1: PSK "secret shared by two hosts"

RSA . ipsec.secrets RSA.# an RSA private key. @my.com: rsa { Modulus: 0syXpo/6waam+ZhSs8Lt6jnBzu3C4grtt... PublicExponent: 0sAw== PrivateExponent: 0shlGbVR1m8Z+7rhzSyenCaBN... Prime1: 0s8njV7WTxzVzRz7AP+0OraDxmEAt1BL5l... Prime2: 0s1LgR7/oUMo9BvfU8yRFNos1s211KX5K0... Exponent1: 0soaXj85ihM5M2inVf/NfHmtLutVz4r... Exponent2: 0sjdAL9VFizF+BKU4ohguJFzOd55OG6... Coefficient: 0sK1LWwgnNrNFGZsS/2GuMBg9nYVZ... }

: , . %prompt . Pluto.# X.509 certificate : RSA host.example.com.key "password"

4. SUNet ADSL . . 4.1. Openswan . OpensWAN X.509: Openswan - , penswan (http://www.openswan.org/), - NAT-T, RPM . RPM fedora, mandrake, suse . Fedora http://www.openswan.org/download/binaries/fedora/3/i386/openswan-2.4.2-1.i386.rpm, rpm -ivh openswan-2.4.2-1.i386.rpm.

60

4.2. Openswan vpn.uni-sofia.bg. VPN: , , windows . VPN vpn.uni-sofia.bg Fedora 3. 3, VPN /etc/ipsec.conf. home-to-su-icmp Openswan - penswan VPN (. 4.1.).

4.1.

VPN 192.168.24.0/24 , vpn.uni-sofia.bg 192.168.2.0/24 85.187.139.5, . home-to-su-icmp-nat Openswan penswan NAT VPN . 4.2.

61

4.2.

VPN 192.168.24.0/24, vpn.uni-sofia.bg, 192.168.2.0/24 ADSL 192.168.1.1. win-to-su-icmp e Openswan Windows 2000/XP - VPN . 4.3. Windows , , Windows VPN .

4.3.

62

ipsec.conf conn e :conn home-to-su-icmp authby=rsasig pfs=no auto=add rekey=no left=62.44.96.35 leftnexthop=62.44.96.3 leftsubnet=192.168.24.0/24 leftrsasigkey=%cert leftcert=/etc/ipsec.d/certs/clientCert.pem leftprotoport=icmp # # The remote user. # right=85.187.139.5 rightnexthop=85.187.139.5 rightcert=/etc/ipsec.d/certs/hostCert.pem rightrsasigkey=%cert rightprotoport=icmp rightsubnet=192.168.2.0/24 conn home-to-su-icmp-nat authby=rsasig pfs=no auto=add rekey=no left=62.44.96.35 leftnexthop=62.44.96.3 leftsubnet=192.168.24.0/24 leftrsasigkey=%cert leftcert=/etc/ipsec.d/certs/clientCert.pem leftprotoport=icmp # # The remote user. # right=%any rightcert=/etc/ipsec.d/certs/hostCert.pem rightrsasigkey=%cert rightprotoport=icmp rightsubnet=192.168.2.0/24 conn win-to-su-icmp authby=rsasig rekey=no left=62.44.96.35 leftnexthop=62.44.96.3 leftrsasigkey=%cert leftcert=/etc/ipsec.d/certs/clientCert.pem # For updated Windows 2000/XP clients, # to support old clients as well, use leftprotoport=17/%any leftprotoport=17/0 # # The remote user. right=%any rightca=%same rightrsasigkey=%cert rightprotoport=17/1701 rightsubnet=vhost:%priv,%no pfs=no auto=add

63

CA OpenSSL. winhostCert.pem hostCert.pem clientCert.pem

/etc/ipsec.d/certs/,

hostKey.pem, clientKey.pem winhostKey.pem /etc/ipsec.d/private/, /etc/ipsec.d/cacerts/ o , CA - caCert.pem. hostCert.pem clientCert.pem

VPN .

VPN

, winhostCert.pem - Windows. winhostCert.pem Windows, OpenSSL winhostCert.p12 , CA, . ipsec.conf ipsec.secrets Openswan service ipsec restart. ipsec verify ipsec . :>ipsec verify Checking your system to see if IPsec got installed and started correctly: Version check and ipsec on-path [OK] Linux Openswan U2.4.4/K2.6.12-1.1381_FC3 (netkey) Checking for IPsec support in kernel [OK] Checking for RSA private key (/etc/ipsec.secrets) [FAILED] ipsec showhostkey: no default key in "/etc/ipsec.secrets" Checking that pluto is running [OK] Two or more interfaces found, checking IP forwarding [OK] Checking NAT and MASQUERADEing [OK] Checking for 'ip' command [OK] Checking for 'iptables' command [OK] Checking for 'setkey' command for NETKEY IPsec stack support [OK] Opportunistic Encryption Support [DISABLED]

IPSec,a UDP 500 (IKE), 50 (ESP), 51(AH) UDP 4500 NAT-T. 4.3. L2TP PPP vpn.uni-sofia.bg. 1) Windows l2tp .

64

http://www.openswan.org/download/binaries/fedora/3/i386/l2tpd-0.69-13.i386.rpm rpm ivh l2tpd-0.69-13.i386.rpm.

2) l2tpd. Fedora '/etc/l2tpd/l2tpd.conf'. - : [global]auth file = /etc/l2tpd/l2tp-secrets [lns default] ip range = 172.22.127.2-172.22.127.250 local ip = 172.22.127.1 require chap = yes refuse pap = yes require authentication = yes name = MyVPN ppp debug = yes pppoptfile = /etc/ppp/options.l2tpd.lns length bit = yes

IP . Local IP VPN . 3) . - /etc/ppp/options.l2tpd.lns.ipcp-accept-local ipcp-accept-remote ms-dns 172.22.127.1 ms-wins 172.22.127.1 auth crtscts idle 1800 mtu 1200 mru 1200 nodefaultroute debug lock proxyarp connect-delay 5000 nologfd

ms-dns ms-wins DNS WINS . mtu 1200, , 1500, SMB . 4) - /etc/ppp/chap-secrets.# Secrets for authentication using CHAP # client server secret IP addresses username * password *

65

, IP , IP . l2tpd '/etc/init.d/l2tpd start'. 4.4 Openswan . - NAT. penswan , . home-to-su-icmp , :conn home-to-su-icmp authby=rsasig pfs=no auto=add rekey=no left=62.44.96.35 leftnexthop=62.44.96.3 leftsubnet=192.168.24.0/24 leftrsasigkey=%cert leftcert=/etc/ipsec.d/certs/clientCert.pem leftprotoport=icmp right=85.139.187.5 rightnexthop=85.139.187.1 rightsubnet=192.168.2.0/24 rightcert=/etc/ipsec.d/certs/hostCert.pem rightrsasigkey=%cert rightprotoport=icmp

, NAT, :conn home-to-su-icmp-nat authby=rsasig pfs=no auto=add rekey=no left=62.44.96.35 leftnexthop=62.44.96.3 leftsubnet=192.168.24.0/24 leftrsasigkey=%cert leftcert=/etc/ipsec.d/certs/clientCert.pem leftprotoport=icmp right=192.168.1.2 rightnexthop=192.168.1.1 #ADSL rightsubnet=192.168.2.0/24 rightcert=/etc/ipsec.d/certs/hostCert.pem rightrsasigkey=%cert rightprotoport=icmp

66

(right ) , VPN IP . home-to-su-icmp. ipsec auto --up home-to-su-icmp. -:ipsec auto --up home-to-su-icmp 104 "home-to-su-icmp" #1: STATE_MAIN_I1: initiate 003 "home-to-su-icmp" #1: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR] 003 "home-to-su-icmp" #1: received Vendor ID payload [Dead Peer Detection] 003 "home-to-su-icmp" #1: received Vendor ID payload [RFC 3947] method set to=109 106 "home-to-su-icmp" #1: STATE_MAIN_I2: sent MI2, expecting MR2 003 "home-to-su-icmp" #1: NAT-Traversal: Result using 3: no NAT detected 108 "home-to-su-icmp" #1: STATE_MAIN_I3: sent MI3, expecting MR3 004 "home-to-su-icmp" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536} 117 "home-to-su-icmp" #2: STATE_QUICK_I1: initiate 004 "home-to-su-icmp" #2: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x6f78f193 0x0000949d