topic Re: Ikev2 - Multiple Diffie-Hellman Groups per proposal - VPND not always matching correct group. in Firewall and Security Management

Ikev2 - Multiple Diffie-Hellman Groups per proposal - VPND not always matching correct group.

StackCap43382 — Mon, 03 Oct 2022 11:20:36 GMT

Hi All,

Very strange issue with an IKEv2 S2S VPN that I've not seen before.

The peer VPN device is configured to send multiple DH groups per proposal.
For each new initial received from the peer The CKP is rotating through matching the DH group and not.

When it does not match, it seems to match the last of the groups configured in the proposal:

[ikev2] My proposal list: - 1 proposal(s)
[ikev2] Proposal 1 of 1
...
[ikev2] Diffie-Hellman Groups: Group 14
...
[ikev2] dbCommunityHandle::getPrefIkeGrpMethod: dh group: 14.
[ikev2] Peer proposal list: - 4 proposal(s)
[ikev2] Proposal 1 of 4
...
[ikev2] Diffie-Hellman Groups: Group 20 (384-bit random ECP group),Group 19 (256-bit random ECP group),Group 16,Group 14,Group 5,Group 2
...
[ikev2] The common proposal:
...
[ikev2] Diffie-Hellman Groups: Group 14
...
[ikev2] SAIkeValidator::isValidSA: group in KE payload (2) differs than the one we agree on (14)
[ikev2] Exchange::setLog: Setting log message: Sending notification to peer: Invalid Key Exchange payload..

The behavior is much like the known proposal limit issue:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk112139&partition=Advanced&product=IPSec

I'm going to raise with TAC but a quick search does not show any obvious mention of compatibility issues with proposals containing multiple DHs.

Re: Ikev2 - Multiple Diffie-Hellman Groups per proposal - VPND not always matching correct group.

Chris_Atkinson — Mon, 03 Oct 2022 11:36:18 GMT

I recall a similar issue with Azure in the past.

Which version/JHF is used and what is the peer device?

Re: Ikev2 - Multiple Diffie-Hellman Groups per proposal - VPND not always matching correct group.

maad-pul — Mon, 12 Feb 2024 20:17:34 GMT

Hi!

What did you received for information from TAC?
I have some simlar errors after upgrading from 81.10 to 81.20 TAKE41.

SAIkeValidator::isValidSA: group in KE payload (21) differs than the one we agree on (20)

Regards

Mattias

Re: Ikev2 - Multiple Diffie-Hellman Groups per proposal - VPND not always matching correct group.

StackCap43382 — Mon, 12 Feb 2024 20:42:49 GMT

Look in the key exchange packet, you'll see there is a Diffie-Group specified.

The Diffie in the KE needs to be the same as defined in the VPN community encryption settings.

In check point they need to match.

SAIkeValidator::isValidSA: group in KE payload (21) differs than the one we agree on (20) = the Key Exchange configuration does not match the Community Encryption.

Re: Ikev2 - Multiple Diffie-Hellman Groups per proposal - VPND not always matching correct group.

maad-pul — Mon, 12 Feb 2024 21:05:51 GMT

The strange thing is that reviived a lot om alorith and DH-GROUPS in 1 Proposal. I don´t to if the "limit issue" you are refering to is related to maximum values within 1 propsal as well or if the limit is just related to 16 proposal.

[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] Peer proposal list: - 1 proposal(s)
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] Proposal 1 of 1
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] Encryption Algorithm: AES-256,AES-192,AES-128
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] Pseudo Random Function: PRF-SHA512,PRF-SHA384,PRF-SHA256,PRF-SHA1
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] Integrity Algorithm: HMAC-SHA2-512,HMAC-SHA2-384,HMAC-SHA2-256,HMAC-SHA1
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] Diffie-Hellman Groups: Group 24 (2048-bit group with 256-bit subgroup),Group 21 (521-bit random ECP group),Group 20 (384-bit random ECP group),Group 19 (256-bit random ECP group),Group 16,Group 15,Group 14,Group 5,Group 2
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] The common proposal:
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] Encryption Algorithm: AES-256
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] Pseudo Random Function: PRF-SHA512
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] Integrity Algorithm: HMAC-SHA2-512
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] Diffie-Hellman Groups: Group 20 (384-bit random ECP group)
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] SAIkeValidator::isValidSA: group in KE payload (21) differs than the one we agree on (20)
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] Exchange::addNotification: entering..
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] ikeSimpOrder::isSharedSecretAuth: entering (order 27579, ref count 1).
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] dbCommunityHandle::usingPresharedSecret: entering
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] ikeInitialExchange_r::getMethods: No ike sa.
[iked1 16790 4067246528]@GATEWAY[12 Feb 14:32:33][ikev2] Exchange::setLog: Setting log message:
Sending notification to peer: Invalid Key Exchange payload..

Regards

Mattias

Re: Ikev2 - Multiple Diffie-Hellman Groups per proposal - VPND not always matching correct group.

StackCap43382 — Wed, 14 Feb 2024 08:30:57 GMT

Its not the proposal its the Key-exchange.

Look in the KE.

Re: Ikev2 - Multiple Diffie-Hellman Groups per proposal - VPND not always matching correct group.

BernhardN — Thu, 23 May 2024 10:14:33 GMT

Looks like sk180444.