TNC Client
Installation
In order to run a TNC client communicating via PT-EAP, in addition to the standard
strongSwan VPN configuration the following
./configure options have to be enabled
--enable-eap-identity --enable-eap-ttls --enable-eap-tnc --enable-tnccs-20 --enable-tnc-imc
If client authentication is based on passwords instead of X.509 certificates,
additionally either the EAP-MD5 or EAP-MSCHAPv2 methods have to be enabled with
--enable-eap-md5 or --enable-eap-mschapv2, respectively.
Configuration
In the strongswan.conf configuration file a
couple of important parameters have to been set:
charon {
plugins {
eap-ttls {
max_message_count = 0
}
eap-tnc {
max_message_count = 0
}
tnccs-20 {
max_batch_size = 32754
max_message_size = 32722
}
}
}
Message Size Restrictions
Since often quite a lot of messages are exchanged via the PT-EAP transport protocol
protected by EAP-TTLS, the default upper limit set by the max_message_count
parameter of the
eap-tnc and
eap-ttls plugins
have to be disabled in order not to disrupt the communication.
It is also recommended to set the maximum PB-TNC batch size and the maximum PA-TNC message size possible with PT-EAP transport to the optimum values defined above.
Restriction of TLS Cipher Suites
It is possible to restrict the TLS cipher suites proposed by the client
in a libtls section of
strongswan.conf
libtls
{
suites = TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
}
Integrity Measurement Collectors
Any number of Integrity Measurement Collectors (IMCs) can be attached to a TNC Client.
An IMC is a dynamic library which communicates with the TNC Client via the
TNC IF-IMC API defined in the form of a C header file. The /etc/tnc_config
file tells the TNC Client which IMCs are to be loaded:
#IMC-Configuration IMC "OS" /usr/lib/ipsec/imcvs/imc-os.so IMC "Scanner" /usr/lib/ipsec/imcvs/imc-scanner.so # IMC "SWIMA" /usr/lib/ipsec/imcvs/imc-swima.so # IMC "Attestation" /usr/lib/ipsec/imcvs/imc-attestation.so
In the configuration file above, the OS IMC and the Scanner IMC are enabled, so
that these Integrity Measurement Collectors have to be built beforehand with the
./configure options
--enable-imc-os --enable-imc-scanner
When the charon daemon starts up, the IMCs are loaded.
IMC 1 OS and IMC 2 Scanner subcribe to the standard PA-TNC message subtypes
Operating System and Firewall defined in the IETF namespace, respectively.
00[DMN] Starting IKE charon daemon (strongSwan 5.9.7, Linux 5.13.0-35-generic, x86_64) 00[TNC] loading IMCs from '/etc/tnc_config' 00[TNC] added IETF attributes 00[TNC] added ITA-HSR attributes 00[TNC] added PWG attributes 00[TNC] added TCG attributes 00[LIB] libimcv initialized 00[IMC] IMC 1 "OS" initialized 00[IMC] processing "/etc/os-release" file 00[IMC] operating system type is 'Ubuntu' 00[IMC] operating system name is 'Ubuntu' 00[IMC] operating system version is '20.04 x86_64' 00[TNC] IMC 1 supports 1 message type: 'IETF/Operating System' 0x000000/0x00000001 00[TNC] IMC 1 "OS" loaded from '/usr/lib/ipsec/imcvs/imc-os.so' 00[IMC] IMC 2 "Scanner" initialized 00[TNC] IMC 2 supports 1 message type: 'IETF/Firewall' 0x000000/0x00000005 00[TNC] IMC 2 "Scanner" loaded from '/usr/lib/ipsec/imcvs/imc-scanner.so'
TNC-Enabled VPN Client Configuration
After charon has loaded all its plugins and spawned
16 worker threads, the swanctl start scripts load
the credentials and the connection configurations.
00[LIB] loaded plugins: charon random nonce x509 constraints pubkey pem openssl sqlite kernel-netlink resolve socket-default vici updown eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 00[JOB] spawning 16 worker threads 00[DMN] executing start script 'creds' (swanctl --load-creds) 01[CFG] loaded certificate 'C=CH, O=Cyber, CN=client.strongswan.org' 09[CFG] loaded certificate 'C=CH, O=Cyber, CN=Cyber Root CA' 11[CFG] loaded ECDSA private key 01[CFG] loaded EAP shared key with id 'eap-hacker' for: 'hacker' 00[DMN] creds: loaded certificate from '/etc/swanctl/x509/clientCert.pem' 00[DMN] creds: loaded certificate from '/etc/swanctl/x509ca/caCert.pem' 00[DMN] creds: loaded ECDSA key from '/etc/swanctl/ecdsa/clientKey.pem' 00[DMN] creds: loaded eap secret 'eap-hacker' 00[DMN] executing start script 'conns' (swanctl --load-conns) 05[CFG] added vici connection: tnc 00[DMN] conns: loaded connection 'tnc' 00[DMN] conns: successfully loaded 1 connections, 0 unloaded
The TNC-enabled VPN client configuration is based on the following
swanctl.conf file
connections {
tnc {
remote_addrs = 192.168.0.2
vips = 0.0.0.0
local {
auth = eap-ttls
# used with certificate-based EAP-TLS client authenticaton
eap_id = client.strongswan.org
# used with password-based EAP-MD5 client authentication
# eap_id = hacker
}
remote {
auth = eap-ttls
id = server.strongswan.org
}
children {
tnc {
remote_ts = 10.1.0.0/16,192.168.0.2
esp_proposals = aes256gcm128-x25519
}
}
version = 2
proposals = aes256-sha256-x25519
send_certreq = no
}
}
secrets {
eap-hacker {
id = hacker
secret = K8FW9/N0VIAJ
}
}
Two configuration variants are possible. The first that is currently enabled uses certificate-based EAP client authentication whereas the second alternative that is currently commented out is based on a preshared EAP secret. In the following we are going to discuss both variants.
Certificate-Based EAP Client Authentication
The client authentication is based on an EAP Identity defined by
eap_id = client.strongswan.org
as enabled in the configuration above, matched by an X.509 client certificate that is going to be used in the initial TLS handshake of the EAP-TTLS method.
The swanctl --list-conns shows the loaded
VPN connection definition
# swanctl --list-conns
tnc: IKEv2, no reauthentication, rekeying every 14400s
local: %any
remote: 192.168.0.2
local EAP_TTLS authentication:
eap_id: client.strongswan.org
remote EAP_TTLS authentication:
id: server.strongswan.org
tnc: TUNNEL, rekeying every 3600s
local: dynamic
remote: 10.1.0.0/16 192.168.0.2/32
IKEv2 Connection Setup
The IPsec connection is started as usual with the
swanctl --initiate command
# swanctl --initiate --child tnc > /dev/null 07[CFG] vici initiate CHILD_SA 'tnc' 08[IKE] initiating IKE_SA tnc[1] to 192.168.0.2 08[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] 08[NET] sending packet: from 192.168.0.3[500] to 192.168.0.2[500] (240 bytes)
Since no IKE client identity has been explicitly defined, the client’s IP
address 192.168.0.3 is used by default. By sending the EAP_ONLY notify, the
client is signalling to the server that it is willing to accept EAP-only
authentication according to RFC5998
09[NET] received packet: from 192.168.0.2[500] to 192.168.0.3[500] (248 bytes)
09[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
09[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
09[CFG] no IDi configured, fall back on IP address
09[IKE] establishing CHILD_SA tnc{1}
09[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
09[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (272 bytes)
Since the VPN client didn’t include an AUTH payload in its IKE_AUTH request, the
VPN server switches to EAP-based authentication and at the outset requests an EAP
Identity. The client replies with its EAP Identity client.strongswan.org.
Due to the EAP-only mode, the server doesn’t include an AUTH payload in its
first IKE_AUTH response, either.
06[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (112 bytes) 06[ENC] parsed IKE_AUTH response 1 [ IDr EAP/REQ/ID ] 06[IKE] server requested EAP_IDENTITY (id 0x00), sending 'client.strongswan.org' 06[IKE] allow mutual EAP-only authentication 06[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ] 06[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (96 bytes)
EAP-TTLS Tunnel Setup
Next the server requests EAP-TTLS which triggers the client to start a TLS handshake
09[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (80 bytes) 09[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TTLS ] 09[IKE] server requested EAP_TTLS authentication (id 0x45) 09[TLS] EAP_TTLS version is v0 09[ENC] generating IKE_AUTH request 3 [ EAP/RES/TTLS ] 09[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (272 bytes)
The negotiated TLS 1.2 cipher suite is TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384.
The server sends its TLS server certificate and the client responds by sending
its TLS client certificate
10[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (928 bytes) 10[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TTLS ] 10[TLS] negotiated TLS 1.2 using suite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 10[TLS] received TLS server certificate 'C=CH, O=Cyber, CN=server.strongswan.org' 10[CFG] using certificate "C=CH, O=Cyber, CN=server.strongswan.org" 10[CFG] using trusted ca certificate "C=CH, O=Cyber, CN=Cyber Root CA" 10[CFG] reached self-signed root ca with a path length of 0 10[TLS] sending TLS client certificate 'C=CH, O=Cyber, CN=client.strongswan.org' 10[ENC] generating IKE_AUTH request 4 [ EAP/RES/TTLS ] 10[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (880 bytes)
The EAP-TTLS tunnel on top of IKEv2 EAP has been successfully established. Within the tunnel the client’s EAP Identity is requested again
09[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (176 bytes) 09[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TTLS ] 09[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/ID] 09[IKE] server requested EAP_IDENTITY authentication (id 0x00) 09[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/ID] 09[ENC] generating IKE_AUTH request 5 [ EAP/RES/TTLS ] 09[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (144 bytes)
PB-TNC Connection 1
Now within the EAP-TTLS tunnel the PT-EAP transport protocol is started and the
PB-TNC (TCG TNC IF-TNCCS 2.0) Connection ID 1 is assigned to the connection
by the TNC client and a new state is created for both the OS IMC and the
Scanner IMC
16[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (128 bytes) 16[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TTLS ] 16[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT] 16[IKE] server requested EAP_PT_EAP authentication (id 0xCC) 16[TLS] EAP_PT_EAP version is v1 16[TNC] TNC client is handling outbound connection 16[TNC] assigned TNCCS Connection ID 1 16[IMC] IMC 1 "OS" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh 16[IMC] over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 32722 bytes 16[IMC] IMC 2 "Scanner" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh 16[IMC] over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 32722 bytes 16[IMC] IMC 1 "OS" changed state of Connection ID 1 to 'Handshake' 16[IMC] IMC 2 "Scanner" changed state of Connection ID 1 to 'Handshake'
TNC Measurements
The OS IMC gathers information on the operating system and creates seven PA-TNC
attributes and puts them in a PA-TNC message of the standard subtype
Operating System
16[IMC] operating system numeric version is 20.4 16[IMC] last boot: Mar 28 07:42:58 UTC 2022, 39621 s ago 16[IMC] IPv4 forwarding is enabled 16[IMC] factory default password is disabled 16[IMC] device ID is a488651e36664792b306cf8be72dd630 16[TNC] creating PA-TNC message with ID 0x0f74f43f 16[TNC] creating PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002 16[TNC] creating PA-TNC attribute type 'IETF/String Version' 0x000000/0x00000004 16[TNC] creating PA-TNC attribute type 'IETF/Numeric Version' 0x000000/0x00000003 16[TNC] creating PA-TNC attribute type 'IETF/Operational Status' 0x000000/0x00000005 16[TNC] creating PA-TNC attribute type 'IETF/Forwarding Enabled' 0x000000/0x0000000b 16[TNC] creating PA-TNC attribute type 'IETF/Factory Default Password Enabled' 0x000000/0x0000000c 16[TNC] creating PA-TNC attribute type 'ITA-HSR/Device ID' 0x00902a/0x00000008 16[TNC] creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
The Scanner IMC determines all open listening ports using netstat and puts
the port list into a PA-TNC attribute which in turn is embedded in a PA-TNC
message of standard subtype Firewall
16[IMC] Active Internet connections (only servers) 16[IMC] Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name 16[IMC] tcp 0 0 127.0.0.11:41963 0.0.0.0:* LISTEN - 16[IMC] udp 0 0 0.0.0.0:4500 0.0.0.0:* 17/./charon 16[IMC] udp 0 0 127.0.0.11:47753 0.0.0.0:* - 16[IMC] udp 0 0 0.0.0.0:500 0.0.0.0:* 17/./charon 16[IMC] udp6 0 0 :::4500 :::* 17/./charon 16[IMC] udp6 0 0 :::500 :::* 17/./charon 16[TNC] creating PA-TNC message with ID 0x0dc7be19 16[TNC] creating PA-TNC attribute type 'IETF/Port Filter' 0x000000/0x00000006 16[TNC] creating PB-PA message type 'IETF/Firewall' 0x000000/0x00000005
Both PA-TNC messages are put into a PB-TNC Client Data batch and are sent to the TNC server
16[TNC] PB-TNC state transition from 'Init' to 'Server Working' 16[TNC] creating PB-TNC CDATA batch 16[TNC] adding IETF/PB-Language-Preference message 16[TNC] adding IETF/PB-PA message 16[TNC] adding IETF/PB-PA message 16[TNC] sending PB-TNC CDATA batch (321 bytes) for Connection ID 1 16[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT] 16[ENC] generating IKE_AUTH request 6 [ EAP/RES/TTLS ] 16[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (448 bytes)
A PB-TNC Server Data batch containing two PA-TNC messages is received by the TNC client.
05[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (640 bytes) 05[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TTLS ] 05[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT] 05[TNC] received TNCCS batch (512 bytes) 05[TNC] TNC client is handling inbound connection 05[TNC] processing PB-TNC SDATA batch for Connection ID 1 05[TNC] PB-TNC state transition from 'Server Working' to 'Client Working' 05[TNC] processing IETF/PB-PA message (72 bytes) 05[TNC] processing IETF/PB-PA message (432 bytes)
The first PA-TNC message is of standard subtype Operating System and contains
a PA-TNC attribute of type Segmentation Contract Request defined in the TCG
namespace which proposes to split up huge PA-TNC messages into segments with a
maximum size of 32'698 bytes each (see
PA-TNC message segmentation),
plus a second PA-TNC attribute of the standard type Attribute Request which
requests a PA-TNC attribute of standard type Installed Packages
05[TNC] handling PB-PA message type 'IETF/Operating System' 0x000000/0x00000001 05[IMC] IMC 1 "OS" received message for Connection ID 1 from IMV 1 05[TNC] processing PA-TNC message with ID 0xc084b149 05[TNC] processing PA-TNC attribute type 'TCG/Segmentation Contract Request' 0x005597/0x00000021 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001 05[TNC] 0x000000/0x00000007 'IETF/Installed Packages' 05[IMC] IMC 1 received a segmentation contract request from IMV 1 for PA message type 'IETF/Operating System' 0x000000/0x00000001 05[IMC] no message size limit, maximum segment size of 32698 bytes
The OS IMC compiles a list of all installed Ubuntu packages for the
Installed Packages PA-TNC attribute and puts it into a PA-TNC message of
standard subtype Operating System together with the Segmentation Contract Response
PA-TNC attribute defined in the TCG namespace
05[IMC] package 'adduser' (3.118ubuntu2)
05[IMC] package 'apt' (2.0.4)
05[IMC] package 'base-files' (11ubuntu5.3)
05[IMC] package 'base-passwd' (3.5.47)
...
05[IMC] package 'tar' (1.30+dfsg-7ubuntu0.20.04.1)
05[IMC] package 'ubuntu-keyring' (2020.02.11.2)
05[IMC] package 'util-linux' (2.34-0.1ubuntu9.1)
05[IMC] package 'zlib1g' (1:1.2.11.dfsg-2ubuntu1.2)
05[TNC] creating PA-TNC message with ID 0x6e31e351
05[TNC] creating PA-TNC attribute type 'TCG/Segmentation Contract Response' 0x005597/0x00000022
05[TNC] creating PA-TNC attribute type 'IETF/Installed Packages' 0x000000/0x00000007
05[TNC] creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
The Scanner IMC processes the second PA-TNC message of standard subtype
Firewall which contains the standard PA-TNC attributes Assessment Result
and Remediation Instructions which contain the result non-compliant minor
and the remediation to close the TCP server port 41963
05[TNC] handling PB-PA message type 'IETF/Firewall' 0x000000/0x00000005 05[IMC] IMC 2 "Scanner" received message for Connection ID 1 from IMV 2 05[TNC] processing PA-TNC message with ID 0x26d87477 05[TNC] processing PA-TNC attribute type 'IETF/Assessment Result' 0x000000/0x00000009 05[TNC] processing PA-TNC attribute type 'IETF/Remediation Instructions' 0x000000/0x0000000a 05[IMC] ***** assessment of IMC 2 "Scanner" from IMV 2 ***** 05[IMC] assessment result is 'non-compliant minor' 05[IMC] remediation string: [en] 05[IMC] <?xml version="1.0" encoding="UTF-8"?> 05[IMC] <remediationinstructions> 05[IMC] <instruction> 05[IMC] <title>Open Server Ports</title> 05[IMC] <description>Open Internet ports have been detected</description> 05[IMC] <itemsheader>Please close the following server ports:</itemsheader> 05[IMC] <items> 05[IMC] <item>tcp/41963</item> 05[IMC] </items> 05[IMC] </instruction> 05[IMC] </remediationinstructions> 05[IMC] ***** end of assessment *****
The PA-TNC message containing the Installed Packages standard attribute is
sent in a PB-TNC Client Data batch to the TNC server. Since the batch with a
size of 2845 bytes is quite large, it is broken up into three EAP-TTLS segments
05[TNC] TNC client is handling outbound connection 05[TNC] PB-TNC state transition from 'Client Working' to 'Server Working' 05[TNC] creating PB-TNC CDATA batch 05[TNC] adding IETF/PB-PA message 05[TNC] sending PB-TNC CDATA batch (2845 bytes) for Connection ID 1 05[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT] 05[ENC] generating IKE_AUTH request 7 [ EAP/RES/TTLS ] 05[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (1104 bytes)
06[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (80 bytes) 06[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TTLS ] 06[ENC] generating IKE_AUTH request 8 [ EAP/RES/TTLS ] 06[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (1104 bytes)
05[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (80 bytes) 05[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TTLS ] 05[ENC] generating IKE_AUTH request 9 [ EAP/RES/TTLS ] 05[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (944 bytes)
A PB-TNC Result batch is received by the TNC client. It contains a PA-TNC message
of standard subtype Operating System directed to the OS IMC and carries
a standard Assessment Result PA-TNC attribute with the value compliant.
Additionally the PB-TNC Result batch contains the three standard PB-TNC messages
of standard types PB-Assessment-Result, PB-Access-Recommendation, and
PB-Reason-String with the values non-compliant minor, Access Denied
and Open server ports were detected, respectively.
Finally the TNC client sends a PB-TNC Close batch to the TNC server, closing
down the PA-TNC Connection with ID 1
06[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (272 bytes) 06[ENC] parsed IKE_AUTH response 9 [ EAP/REQ/TTLS ] 06[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT] 06[TNC] received TNCCS batch (138 bytes) 06[TNC] TNC client is handling inbound connection 06[TNC] processing PB-TNC RESULT batch for Connection ID 1 06[TNC] PB-TNC state transition from 'Server Working' to 'Decided' 06[TNC] processing IETF/PB-PA message (48 bytes) 06[TNC] processing IETF/PB-Assessment-Result message (16 bytes) 06[TNC] processing IETF/PB-Access-Recommendation message (16 bytes) 06[TNC] processing IETF/PB-Reason-String message (50 bytes) 06[TNC] handling PB-PA message type 'IETF/Operating System' 0x000000/0x00000001 06[IMC] IMC 1 "OS" received message for Connection ID 1 from IMV 1 06[TNC] processing PA-TNC message with ID 0x8341ae40 06[TNC] processing PA-TNC attribute type 'IETF/Assessment Result' 0x000000/0x00000009 06[IMC] ***** assessment of IMC 1 "OS" from IMV 1 ***** 06[IMC] assessment result is 'compliant' 06[IMC] ***** end of assessment ***** 06[TNC] PB-TNC assessment result is 'non-compliant minor' 06[TNC] PB-TNC access recommendation is 'Access Denied' 06[IMC] IMC 1 "OS" changed state of Connection ID 1 to 'None' 06[IMC] IMC 2 "Scanner" changed state of Connection ID 1 to 'None' 06[TNC] reason string is 'Open server ports were detected' [en] 06[TNC] TNC client is handling outbound connection 06[TNC] PB-TNC state transition from 'Decided' to 'End' 06[TNC] creating PB-TNC CLOSE batch 06[TNC] sending PB-TNC CLOSE batch (8 bytes) for Connection ID 1 06[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT] 06[ENC] generating IKE_AUTH request 10 [ EAP/RES/TTLS ] 06[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (144 bytes)
The VPN server and subsequently the VPN client close the EAP-TTLS tunnel over IKEv2 EAP since it is not needed anymore for TNC measurements
10[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (112 bytes) 10[ENC] parsed IKE_AUTH response 10 [ EAP/REQ/TTLS ] 10[TLS] received TLS close notify 10[TLS] sending TLS close notify 10[ENC] generating IKE_AUTH request 11 [ EAP/RES/TTLS ] 10[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (112 bytes)
IKEv2 Authentication Failure
Since the overall PB-TNC PB-Assessment-Recommendation was Access Denied
due to the open TCP server port, the IKEv2 negotiation aborts as well. The PB-TNC
Connection 1 is removed and the states of the OS IMC and Scanner IMC
are deleted
09[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (80 bytes) 09[ENC] parsed IKE_AUTH response 11 [ EAP/FAIL ] 09[IKE] received EAP_FAILURE, EAP authentication failed 09[ENC] generating INFORMATIONAL request 12 [ N(AUTH_FAILED) ] 09[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (80 bytes) 09[IMC] IMC 1 "OS" deleted the state of Connection ID 1 09[IMC] IMC 2 "Scanner" deleted the state of Connection ID 1 09[TNC] removed TNCCS Connection ID 1 initiate failed: establishing CHILD_SA 'tnc' failed
PSK-Based EAP Client Authentication
Alternatively a preshared EAP secret could be used with EAP-MD5 or EAP-MSCHAPv2 within EAP-TTLS by enabling the EAP Identity
eap_id = hacker
in the configuration file swanctl.conf defined
above and then reloading the edited
configuration with the swanctl --load-conns
command. The swanctl --list-conns then
shows the reloaded VPN connection definition
swanctl --list-conns
tnc: IKEv2, no reauthentication, rekeying every 14400s
local: %any
remote: 192.168.0.2
local EAP_TTLS authentication:
eap_id: hacker
remote EAP_TTLS authentication:
id: server.strongswan.org
tnc: TUNNEL, rekeying every 3600s
local: dynamic
remote: 10.1.0.0/16 192.168.0.2/32
IKEv2 Connection Setup
The IPsec connection is again started with the
swanctl --initiate command
# swanctl --initiate --child tnc > /dev/null 10[CFG] vici initiate CHILD_SA 'tnc' 01[IKE] initiating IKE_SA tnc[2] to 192.168.0.2 01[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] 01[NET] sending packet: from 192.168.0.3[500] to 192.168.0.2[500] (240 bytes)
Since no IKE client identity has been explicitly defined, the client’s IP
address 192.168.0.3 is used by default. By sending the EAP_ONLY notify the
client is signalling to the server that it is willing to accept EAP-only
authentication according to RFC5998
14[NET] received packet: from 192.168.0.2[500] to 192.168.0.3[500] (248 bytes)
14[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
14[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
14[CFG] no IDi configured, fall back on IP address
14[IKE] establishing CHILD_SA tnc{2}
14[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
14[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (272 bytes)
Since the VPN client didn’t include an AUTH payload in its IKE_AUTH request, the
VPN server switches to EAP-based authentication and at the outset requests an EAP
Identity. The client replies with its EAP Identity hacker. Due to the EAP-only
mode, the server doesn’t include an AUTH payload in its first IKE_AUTH response,
either.
13[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (112 bytes) 13[ENC] parsed IKE_AUTH response 1 [ IDr EAP/REQ/ID ] 13[IKE] server requested EAP_IDENTITY (id 0x00), sending 'hacker' 13[IKE] allow mutual EAP-only authentication 13[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ] 13[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (80 bytes)
EAP-TTLS Tunnel Setup
Next the server requests EAP-TTLS which triggers the client to start a TLS handshake
14[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (80 bytes) 14[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TTLS ] 14[IKE] server requested EAP_TTLS authentication (id 0x86) 14[TLS] EAP_TTLS version is v0 14[ENC] generating IKE_AUTH request 3 [ EAP/RES/TTLS ] 14[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (272 bytes)
The negotiated TLS 1.2 cipher suite is TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384.
The server sends its TLS server certificate
06[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (896 bytes) 06[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TTLS ] 06[TLS] negotiated TLS 1.2 using suite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 06[TLS] received TLS server certificate 'C=CH, O=Cyber, CN=server.strongswan.org' 06[CFG] using certificate "C=CH, O=Cyber, CN=server.strongswan.org" 06[CFG] using trusted ca certificate "C=CH, O=Cyber, CN=Cyber Root CA" 06[CFG] reached self-signed root ca with a path length of 0 06[ENC] generating IKE_AUTH request 4 [ EAP/RES/TTLS ] 06[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (240 bytes)
The EAP-TTLS tunnel on top of IKEv2 EAP has been successfully established. Within the tunnel the client’s EAP Identity is requested again
05[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (176 bytes) 05[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TTLS ] 05[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/ID] 05[IKE] server requested EAP_IDENTITY authentication (id 0x00) 05[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/ID] 05[ENC] generating IKE_AUTH request 5 [ EAP/RES/TTLS ] 05[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (128 bytes)
Within the EAP-TTLS tunnel the EAP-MD5 authentication based on the EAP preshared secret is done
13[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (144 bytes) 13[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TTLS ] 13[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/MD5] 13[IKE] server requested EAP_MD5 authentication (id 0xD4) 13[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/MD5] 13[ENC] generating IKE_AUTH request 6 [ EAP/RES/TTLS ] 13[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (144 bytes)
PB-TNC Connection 2
Again the PT-EAP transport protocol is started within the EAP-TTLS tunnel and the
PB-TNC (TCG IF-TNCCS) Connection ID 2 is assigned to the connection by the TNC
client and a fresh state is created for both the OS IMC and the Scanner IMC
08[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (128 bytes) 08[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TTLS ] 08[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT] 08[IKE] server requested EAP_PT_EAP authentication (id 0x09) 08[TLS] EAP_PT_EAP version is v1 08[TNC] TNC client is handling outbound connection 08[TNC] assigned TNCCS Connection ID 2 08[IMC] IMC 1 "OS" created a state for IF-TNCCS 2.0 Connection ID 2: +long +excl -soh 08[IMC] over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 32722 bytes 08[IMC] IMC 2 "Scanner" created a state for IF-TNCCS 2.0 Connection ID 2: +long +excl -soh 08[IMC] over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 32722 bytes 08[IMC] IMC 1 "OS" changed state of Connection ID 2 to 'Handshake' 08[IMC] IMC 2 "Scanner" changed state of Connection ID 2 to 'Handshake'
TNC Measurements
The TNC measurements are the same as in the previous PB-TNC connection.
IKEv2 Authentication Failure
Since the overall PB-TNC PB-Assessment-Recommendation was Access Denied
due to the open TCP server port, the IKEv2 negotiation aborts as well. The PB-TNC
Connection 2 is removed and the states of the OS IMC and Scanner IMC
are deleted
09[NET] received packet: from 192.168.0.2[4500] to 192.168.0.3[4500] (80 bytes) 09[ENC] parsed IKE_AUTH response 9 [ EAP/FAIL ] 09[IKE] received EAP_FAILURE, EAP authentication failed 09[ENC] generating INFORMATIONAL request 10 [ N(AUTH_FAILED) ] 09[NET] sending packet: from 192.168.0.3[4500] to 192.168.0.2[4500] (80 bytes) 09[IMC] IMC 1 "OS" deleted the state of Connection ID 2 09[IMC] IMC 2 "Scanner" deleted the state of Connection ID 2 09[TNC] removed TNCCS Connection ID 2 initiate failed: establishing CHILD_SA 'tnc' failed