[Openswan Users] Road Warrior behind NAT - Aggressive Mode: wrong NAT-T decision
hiren joshi
joshihirenn at gmail.com
Fri Jul 11 02:33:25 EDT 2008
The bug exists in 2.4.12 too.
In aggressive mode initiator uses port 500 to generate the hash (because the
packet was received on 500) and sends it in NAT-D payload.
"htoh" #4: Aggressive mode peer ID is ID_IPV4_ADDR: '172.16.2.2'
| _natd_hash: hasher=0x80eab00(16)
| _natd_hash: icookie=
| a3 87 5b b4 de d8 47 76
| _natd_hash: rcookie=
| 99 fc e2 0c 65 1a 3e 79
| _natd_hash: ip= ac 10 02 02
| _natd_hash: port=500
| _natd_hash: hash= 61 47 3f 04 ef 22 98 c9 2b b1 5b 87 e3 2b f6 40
Responder uses 4500 to verify received hash as it has switch to 4500.
"aggr-1"[2] 172.16.2.1 #62: STATE_AGGR_R1: sent AR1, expecting AI2
| processing connection aggr-1[2] 172.16.2.1
| _natd_hash: hasher=0x80eab00(16)
| _natd_hash: icookie=
| a3 87 5b b4 de d8 47 76
| _natd_hash: rcookie=
| 99 fc e2 0c 65 1a 3e 79
| _natd_hash: ip= ac 10 02 02
| _natd_hash: port=4500
| _natd_hash: hash= a7 0c 8c ed b5 b0 ed 0f 33 7d 4f 39 f1 7e d3 ee
...
| expected NAT-D(me): a7 0c 8c ed b5 b0 ed 0f 33 7d 4f 39 f1 7e d3 ee
| expected NAT-D(him):
| a4 77 17 54 20 77 12 1f cf c2 80 ff 98 0e 51 a1
| received NAT-D: 61 47 3f 04 ef 22 98 c9 2b b1 5b 87 e3 2b f6 40
| NAT_TRAVERSAL hash=1 (me:0) (him:0)
...
| NAT_TRAVERSAL hash=2 (me:0) (him:0)
"aggr-1"[2] 172.16.2.1 #62: NAT-Traversal: Result using RFC 3947
(NAT-Traversal): both are NATed
I didn't find any help from http://tools.ietf.org/html/rfc3947.- Hide quoted
text -
Thanks for your time.
-hiren
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080711/9c01a9de/attachment-0001.html
More information about the Users
mailing list