Android VPN with strongSwan client to a Debian Gateway

It's nice to be sure that your data connection is not interfered with by overzealous network providers, additionally you may wish to hide your network traffic from at least the first hop. IPSec VPN provides a way to do this.

Create a Certification Authority

mkdir /etc/ca
cd /etc/ca
ipsec pki -gen caKey.der
chmod 600 caKey.der
ipsec pki --self --in caKey.der --dn "C=CH, O=z, CN=strongSwan CA" --ca > caCert.der

Create the gateway Certificate

Note that the gateway has an extra field in its certificate, the subjectAltName. This is required for at least android and MacOS X clients to connect

cd /etc/ca
ipsec pki --gen apple.rat.burntout.org.key.der
chmod 600 apple.rat.burntout.org.key.der
ipsec pki --pub --in apple.rat.burntout.org.key.der | ipsec pki --issue --cacert caCert.der --cakey caKey.der --dn "C=GB, O=z, CN=apple.rat.burntout.org" --san apple.rat.burntout.org > apple.rat.burntout.org.der 

Copy required keys and certs to strongSwan directory

cp /etc/ca/caCert.der /etc/ipsec.d/cacerts/
cp /etc/ca/apple.rat.burntout.org.key.der /etc/ipsec.d/private/
chmod 600 /etc/ipsec.d/private/apple.rat.burntout.org.key.der
cp /etc/ca/apple.rat.burntout.org.der /etc/ipsec.d/certs/

Create a client certificates

Create a private key in DER format

ipsec pki --gen > nexus4Key.der

Create a public x509 certificate in DER format

ipsec pki --pub --in nexus4.aland.Key.der | ipsec pki --issue --cacert caCert.der --cakey caKey.der --dn "C=GB, O=zajac, CN=nexus4.aland" > nexus4.aland.Cert.der

Convert them to pem format

To get the certificates into android we need to first create a PKCS12 certificate bundle. This requires the key and certificate to be in PEM format

openssl x509 -inform der -outform pem -in nexus4.aland.Cert.der  -out nexus4.aland.Cert.pem
openssl rsa -inform der -outform pem -in nexus4.aland.Key.der  -out nexus4.aland.Key.pem
openssl pkcs12 -inkey nexus4.aland.Key.pem -in nexus4.aland.Cert.pem -export -out nexus4.aland.p12

Also convert the CA certificate to PEM format

openssl x509 -infor der -outform pem -in caCert.der -out caCert.pem

Android Configuration

Transfer required certificates and cert to phone

one way to do this is to use the adb commands

adb shell
shell@mako:/ $ mkdir /mnt/sdcard/certs/
shell@make:/ exit
adb push nexus4.aland.p12 /mnt/sdcard/certs/.
adb push caCert.pem /mnt/sdcard/certs/.

Install CA certificate into Android

Launch System->Security->Credential Storage->Install from storage on Android. Navigate to the /certs directory and select caCert.pem

Install and configure strongSwan on your phone

Install strongSwan client http://wiki.strongswan.org/projects/strongswan/wiki/Android

  • Configure Gateway to be the DNS name of the Gateway ( Note that this must be the SubjectAltName of the Gatewaay certificate too )
  • Select IKEv2 Certificate
  • Select Certificate and navigate to your installed certificate.

Configure Gateway

Create an ipsec connection stanza similar to this

conn nexus4.aland
        ikelifetime=60m
        keylife=20m
        rekeymargin=3m
        keyingtries=1  
        keyexchange=ikev2  
        left=81.95.52.68
        leftcert=apple.rat.burntout.org.der
        leftid="C=GB, O=z, CN=apple.rat.burntout.org"
        leftsubnet=0.0.0.0/0
        leftfirewall=yes
        rightsourceip=10.3.0.0/24
        right=%any
        rightid="C=GB, O=z, CN=nexus4.aland"
        rightdns=8.8.8.8
        auto=add
        ike=aes128-sha256-modp2048!
        esp=aes128-sha256-modp2048!

Reload strongSwan and check you can connect.

ipsec stop
ipsec start

View the status of the connection crypto with

ipsec statusall

Security Associations (1 up, 0 connecting):
nexus4.aland[2]: ESTABLISHED 2 minutes ago, 81.95.52.68[C=GB, O=z, CN=apple.rat.burntout.org]...87.123.213.4[C=GB, O=z, CN=nexus4.aland]
nexus4.aland[2]: IKEv2 SPIs: 033caab76ae8ccee_i 51c2d02499a2989c_r*, public key reauthentication in 52 minutes
nexus4.aland[2]: IKE proposal: AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
nexus4.aland{1}:  INSTALLED, TUNNEL, ESP in UDP SPIs: ce33fac0_i 63efe356_o
nexus4.aland{1}:  AES_CBC_128/HMAC_SHA2_256_128, 149222 bytes_i (1219 pkts, 2s ago), 930711 bytes_o (1479 pkts, 2s ago), rekeying in 11 minutes
nexus4.aland{1}:   0.0.0.0/0 === 10.3.0.1/32 

Routing and NAT

Traffic from your Android will be from the Virtual network 10.3.0.0/24 defined in the configuration on the gateway. Make sure you can route/Nat from that subnet to the internet.

Further info

  • This will probably work nicely with only minor changes for a mobile roadwarrior using Linux
  • Not sure why the IKE proposal is using SHA1, but the ESP is SHA2-128 ?