Junos Security. Chapter 8: IPsec VPNs Juniper Networks, Inc. All rights reserved. Worldwide Education Services

Transcription

1 Junos Security Chapter 8: IPsec VPNs 2012 Juniper Networks, Inc. All rights reserved. Worldwide Education Services

2 Chapter Objectives After successfully completing this chapter, you will be able to: Identify various types of VPNs Define three major security concerns Describe IPsec VPNs and their functionality Configure IPsec VPNs using policy-based and route-based methods Monitor IPsec VPNs 8-2

3 Agenda: IPsec VPNs VPN Types Secure VPN Requirements IPsec Details Configuration of IPsec VPNs IPsec VPN Monitoring 8-3

4 Defining VPNs Historically, VPN is a broad term Generally defined as a means for transporting a subset of network traffic over a separate network Performed through tunneling, separating, or securing different types of traffic Types of VPNs today: Clear-text VPNs Layer 3 VPNs, Layer 2 VPNs, or VPLS Secure VPNs IPsec Combination of clear-text and secure VPNs 8-4

5 Focus of this Chapter: Secure VPNs Provide secure tunnels across the Internet Encryption Payload verification Authentication Public Public Private IP Packet Encrypted Packet Private IP Packet 8-5

6 Agenda: IPsec VPNs VPN Types Secure VPN Requirements IPsec Details Configuration of IPsec VPNs IPsec VPN Monitoring 8-6

7 Security Concerns Three major concerns: Confidentiality Keep data secure and hidden Integrity Ensure that data remains unchanged Authentication Confirm that the data came from the advertised source 8-7

8 Confidentiality Data Encryption Data encryption details: Provides data confidentiality Encrypted and decrypted using keys Symmetric (secret) key Asymmetric (public and private) key A reversible process 8-8

9 Confidentiality Symmetric Key Encryption Basic form of encryption: Symmetric keys are faster at bulk data encryption Typical key sizes range from bits Examples: DES, 3DES, AES Sender Receiver 1 Original data Key Encrypted data + + Key 2 Encrypted data 3 Original data 8-9

10 Confidentiality Public Key Encryption Widely used form of strong encryption Slow when used for bulk data encryption Typical sizes range from bits Examples: RSA and DH Sender Receiver 1 Public Public Original data + Public Encrypted data + Private 2 4 Encrypted data 3 Original data

11 Integrity Hash functions provide integrity services One-way hashing algorithm cannot determine original data from hash value Fixed-length output (depending on algorithm) Examples: MD5 and SHA MD5 provides 128-bit output SHA1 provides 160-bit output SHA2 provides variable outputs

12 Integrity One-Way Hash Algorithms Example of a modulus operation: 7 r3 80mod11 = = Given the value 3, what was the original data? 80mod11 = 3 13mod5 = 3 203mod10 = 3 11mod8 = 3 100mod97 = 3 Hash functions can use the modulus operation in the hash creation process

13 Integrity The Hash Process Sender Data Receiver Data 3 HASH 1 2 Data HASH 4 Data HASH HASH 5 HASH If If the hash values match, the data is good

14 Source Authentication Validates datagrams by verifying that they came from the proper source Authentication process uses HMAC Adds a secret preshared key to the hashing process

15 Authentication with HMAC Sender Receiver Data + Hash key Data 3 HASH 1 2 Data + Hash key HASH 4 Data HASH HASH 5 HASH If the hash If values the hash match, values the data is good match, and the the source data is valid good

16 How Are Keys Exchanged? Encryption and hashing both rely on keys Manual configuration: Prone to configuration errors Rarely changed Automatic exchange: Uses public connections how do you secure the key exchange? The solution: Diffie-Hellman key exchange algorithm First published standard for public key cryptography Solves the key distribution problem through the use of public and private key pairs Only the public key travels across the network

17 Diffie-Hellman Groups Five sets of very large prime numbers (and a generator) serve as the modulus for the Diffie-Hellman algorithm Juniper Networks supports Groups 1, 2, and 5 Group 1 uses a 768-bit prime Group 2 uses a 1024-bit prime Group 5 uses a 1536-bit prime

18 The DH Key Exchange Process Internet Each device generates a public and private key pair PubA PrivA PubB PrivB Public keys exchange PubB PrivA PubA PrivB Local private and remote public keys are used in DH to form a common session key SESSION KEY Same session key, two different places SESSION KEY

19 Agenda: IPsec VPNs VPN Types Secure VPN Requirements IPsec Details Configuration of IPsec VPNs IPsec VPN Monitoring

20 IPsec Overview IPsec is an industry standard for providing IP data security and integrity services Works at the IP Layer Supports unicast and multicast traffic According to RFC 2401, IPsec provides security services at the IP Layer by enabling a system to select required security protocols, determine the algorithms to use for the services, and put in place any cryptographic keys required to provide the requested services

21 IPsec: A Two-Step Process IPsec VPNs consist of two major steps: 1. Tunnel establishment: Establishes a secure tunnel and parameters that define secure traffic Manual: Set all parameters manually Dynamic: Uses IKE 2. IPsec traffic processing: Protects traffic between the two tunnel endpoints by using security parameters defined in the tunnel establishment step

22 Step 1: Tunnel Establishment Using IKE IKE provides increased functionality in secure environments Uses UDP, Port 500 Establishes: Security parameters (security associations) for creating IPsec VPN tunnels Negotiates proposals containing encryption and authentication algorithms Creates encryption and authentication keys automatically, which provides the ability to rekey frequently Provides gateway identity function

23 Security Associations SAs are a set of policies and keys used to protect information between two peers An SA is uniquely identified by: The SPI, which is an internal index number A destination IP address A security protocol IKE SAs are: Established during IKE Phase 1 negotiations Bidirectional IPsec SAs are: Established during IKE Phase 2 negotiations Unidirectional

24 SA Database Remote Office Untrust Internet Trust Trust Untrust Corporate Office Security Database Name: VPNtoCorporate Gateway IP address: SPI: Local: 3001, Remote: 3002 Security protocol: ESP Encryption algorithm: 3DES Encryption key: xxxxyyyyzzzz Authentication algorithm: SHA Authentication key: aaabbbccc Security Database Name: VPNtoRemote Gateway IP address: SPI: Local: 3002, Remote: 3001 Security Protocol: ESP Encryption algorithm: 3DES Encryption key: xxxxyyyyzzzz Authentication algorithm: SHA Authentication key: aaabbbccc

25 IKE Phases IKE tunnel establishment: Phase 1: Two peers establish a secure, authenticated channel with which to communicate DH key exchange algorithm is used to generate a symmetric key common to the communicating gateways Main mode: Used when both tunnel peers have static IP addresses Aggressive mode: Used when one tunnel peer has a dynamically assigned IP address Phase 2: IPsec SAs are negotiated using a Phase 1 secure channel Proxy ID is used to identify which SA is referenced for VPN Diffie-Hellman key exchange algorithm can be used (again) to create PFS Phase 2 mode is called quick mode

26 IKE Phase 1: Main Mode Remote Corporate Internet ge-0/0/0: ge-0/0/1: ge-0/0/1: ge-0/0/0: Message 1: Cookie I, SA Proposal List Message 3: DH Public Value A, Nonce I Message 2: Cookie I, Cookie R, SA Proposal Accept Message 4: DH Public Value B, Nonce R Message 5: Identification I, Hash [ID-I + key] Encrypted and authenticated Message 6: Identification R, Hash [ID-R + key]

27 IKE Phase 1: Aggressive Mode Remote Corporate Internet ge-0/0/1: ge-0/0/0: ge-0/0/0: ge-0/0/1: (dynamic) Message 1: Cookie I, SA proposal list, DH public value A, nonce I Message 2: Cookie I, cookie R, SA proposal accept, DH public value B, nonce R, identification hash R Message 3: Hash [ID-I +key] Encrypted and authenticated

28 IKE Phase 2: Quick Mode Remote Corporate Internet ge-0/0/0: ge-0/0/1: ge-0/0/1: ge-0/0/0: Message 1: Hash using phase 1 information, message ID, SA proposal list, Nonce I, [DH Public Key I ], proxy ID Message 2: Hash using phase 1 information, message ID, SA proposal list accept, Nonce R, [DH Public Key I ], proxy ID Message 3: Hash using phase 1 information, message ID, Nonce I, Nonce R

29 IPsec: a Two-Step Process Step 2 IPsec VPNs consist of two major steps: 1. Tunnel establishment: Establishes a secure tunnel and parameters that define the secure traffic Manual: Set all parameters manually Dynamic: Uses IKE 2. IPsec traffic processing: Protects traffic between the two tunnel endpoints by using security parameters defined in the tunnel establishment step

30 Step 2: IPsec Traffic Processing Goal: Traffic protection IPsec modes: Transport Tunnel IPsec protocols: AH ESP IPsec Tunnel Transport AH ESP X

31 IPsec Modes Transport Mode Tunnel Mode B IPsec VPN A C LAN E LAN IP Header TCP Payload IP Header TCP Payload IP Header IPsec Header TCP Payload New IP Header IPsec Header IP Header TCP Payload IPsec Trailer

32 IPsec Protocols IPsec uses two protocols in transport or tunnel modes: AH: ESP: RFC 2402 Uses protocol number 51 RFC 2406 Uses protocol number 50 Most often used protocol in IPsec AH IPsec protocols 1. Integrity 2. Authentication 3. NO ENCRYPTION ESP 1. Integrity 2. Authentication 3. Confidentiality

33 Example: Tunnel Mode AH Packets Original packet IP Header TCP Data Next Header Payload Length SPI Sequence Number ICV New IP Header Protocol 51 AH IP Header TCP Data Authenticated

34 Example: Tunnel Mode ESP Packets Original packet IP Header TCP Data SPI Sequence Number New IP Header Protocol 50 ESP IP Header TCP Data ESP Trailer Next Header ICV Encrypted Authenticated

35 Traffic Processing (1 of 2) Host A Remote Corporate Host B Internet ge-0/0/1 ge-0/0/0 ge-0/0/0 ge-0/0/ Prefix Interface Gateway ge-0/0/ From zone Private to zone Public : if SA = & DA = & Application= any, then use tunnel HASH SPI HASH

36 Traffic Processing (2 of 2) Host A Remote Corporate Host B Internet ge-0/0/1: ge-0/0/0: ge-0/0/0: ge-0/0/1: SPI HASH 8 SPI Encap Encryp Auth 3001 ESP AES SHA 9 HASH = HASH Prefix Interface Gateway ge -0/0/ From zone Public to zone Private: if SA = & DA = & Application=all, then use tunnel

37 IPsec Summary Remote Corporate Internet ge-0/0/1: ge-0/0/0: ge-0/0/0: ge-0/0/1: Header, SA, DH Phase 1 Header, SA, DH SA, Proxy ID Data Phase 2 IPsec Tunnel IPsec VPN SA, Proxy ID Data

38 Agenda: IPsec VPNs VPN Types Secure VPN Requirements IPsec Details Configuration of IPsec VPNs IPsec VPN Monitoring

39 Junos OS IPsec Implementation IPsec implementation methods: Policy based: Upon a match, the security policy sets up the IPsec tunnel New tunnel generates for each flow of traffic that matches a policy Always has permit as policy action Route based: Upon a match, the security policy permits traffic with the destination address pointing to the secure tunnel interface st0.x A route to the destination is through the st0.x interface, which is bound to a specific IPsec tunnel Typically only one VPN generated between two sites

40 Elements of IPsec VPN Configuration Elements of IPsec VPN configuration include: 1. Configuration of IKE Phase 1 2. Configuration of IKE Phase 2 3. Applying IPsec implementation method: Configuration of policy-based IPsec VPNs Configuration of route-based IPsec VPNs

41 Configuring IKE Phase 1 Parameters (1 of 3) Step A: Configuring IKE Phase 1 proposals: [edit security ike] user@srx# show proposal proposal-name { authentication-method [pre-shared-keys rsa-signatures]; dh-group [group1 group2 group5]; authentication-algorithm [md5 sha-256 sha1]; encryption-algorithm [3des-cbc aes-128-cbc aes-192-cbc aes-256-cbc des-cbc]; lifetime-seconds seconds; Optionally, use the Junos predefined Phase 1 proposal from these choices: basic compatible standard

42 Configuring IKE Phase 1 Parameters (2 of 3) Step B: Configure IKE Phase 1 policies and reference the IKE proposals [edit security ike] user@srx# show policy policy-name { mode [main aggressive]; (proposals proposal-name) (proposal-set [basic compatible standard]); pre-shared-key [ascii-text hexadecimal];

43 Configuring IKE Phase 1 Parameters (3 of 3) Step C: Configure the IKE Phase 1 gateway and reference the IKE policy configured in Step B [edit security ike] user@srx# show gateway gateway-name { ike-policy policy-name; address address; external-interface interface-name; dead-peer-detection { interval seconds; threshold number;

44 Configuring IKE Phase 2 Parameters (1 of 3) Step A: Configure IKE Phase 2 proposals: [edit security ipsec] user@srx# show proposal proposal-name { protocol [ah esp]; authentication-algorithm [hmac-md5-96 hmac-sha1-96]; encryption-algorithm [3des-cbc aes-128-cbc aes-192-cbc aes-256-cbc des-cbc]; lifetime-kilobytes kilobytes; lifetime-seconds seconds; Optionally, use the Junos predefined Phase 2 proposal from these choices: basic compatible standard

45 Configuring IKE Phase 2 Parameters (2 of 3) Step B: Configure the IKE Phase 2 policies and reference the IKE proposals [edit security ipsec] user@srx# show policy policy-name { perfect-forward-secrecy { keys [group1 group2 group5]; (proposals proposal-name) (proposal-set [basic compatible standard]);

46 Configuring IKE Phase 2 Parameters (3 of 3) Step C: Configure the IKE Phase 2 VPN tunnel and reference the IKE Phase 2 policy configured in Step B [edit security ipsec] user@srx# show vpn vpn-name { bind-interface st0.x; ike { gateway gateway-name; ipsec-policy policy-name; manual { establish-tunnels [immediately on-traffic]; Is necessary only for route-based VPNs Is necessary if using the dynamic key Is necessary if using the manual key

47 Applying IPsec Policy-Based IPsec VPNs Apply the IPsec VPN from the security policy [edit security policies] show from-zone source-zone-name to-zone destination-zone-name { policy policy-name { match { then { permit { tunnel { ipsec-vpn ipsec-tunnel-name; Reference to the IPsec VPN tunnel

48 Applying IPsec Route-Based IPsec VPNs Steps: [edit interface] show st0 { unit number { family inet { address address; mtu mtu-size; [edit routing-options] user@srx# show static { route /24 next-hop st0.x; [edit security zones] user@srx# show security-zone zone-name interfaces { ge-1/0/1.0; st0.x; [edit security ipsec] user@srx# show vpn vpn-name { bind-interface st0.x;

49 Agenda: IPsec VPNs VPN Types Secure VPN Requirements IPsec Details Configuration of IPsec VPNs IPsec VPN Monitoring

50 Example: Creating Policy-Based IPsec VPNs Using IKE HR Zone Edge Public Zone Remote A ge-1/0/1 Internet B C PrivatePC [edit security policies] user@edge# show from-zone HR to-zone Public { policy vpna { match { source-address allpcs; destination-address Public-hosts; application any; then { permit { tunnel { ipsec-vpn TunnelA; [edit security policies] user@remote# show from-zone Public to-zone Public { policy allow { match { source-address any; destination-address any; application any; then { permit { tunnel { ipsec-vpn TunnelA;

51 Example: Configuring IKE Phase 1 Parameters [edit security ike] user@edge# show proposal ike-phase1-proposal { authentication-method pre-shared-keys; dh-group group2; authentication-algorithm md5; encryption-algorithm 3des-cbc; lifetime-seconds 600; policy ike-policy1 { mode main; proposals ike-phase1-proposal; pre-shared-key ascii-text "$9$lMaeLNsYoGjq4a"; ## SECRET-DATA gateway ike-phase1-gateway { ike-policy ike-policy1; address ; dead-peer-detection { interval 20; threshold 5; external-interface ge-1/0/1.0;

52 Example: Configuring IKE Phase 2 Parameters for Policy-Based IPsec VPNs [edit security ipsec] user@edge# show proposal ike-phase2-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; policy ipsec-pol1 { perfect-forward-secrecy { keys group2; proposals ike-phase2-proposal; vpn TunnelA { ike { gateway ike-phase1-gateway; ipsec-policy ipsec-pol1; establish-tunnels immediately;

53 Monitoring Policy-Based IPsec VPNs show security ike security-associations Index Remote Address State Initiator cookie Responder cookie Mode UP 1927f01c38bc08db ca631d7f107c871d Main show security ipsec security-associations total configured sa: 2 ID Gateway Port Algorithm SPI Life:sec/kb Mon vsys < ESP:3des/md5 3de5f00d 3178/ unlim - 0 > ESP:3des/md5 b4c44e / unlim - 0 user@edge> show security ipsec statistics ESP Statistics: Encrypted bytes: 7616 Decrypted bytes: 4704 Encrypted packets: 56 Decrypted packets: 56 AH Statistics: Input bytes: 0 Output bytes: 0 Input packets: 0 Output packets: 0 Errors: AH authentication failures: 0, Replay errors: 0 ESP authentication failures: 0, ESP decryption failures: 0 Bad headers: 0, Bad trailers: 0 IKE Phase 1 results IKE Phase 2 results

54 Example: Creating Route-Based IPsec VPNs Using IKE /28 HR Zone Edge Public Zone Remote A Private PC ge-1/0/1 Internet ge-1/0/0 B C [edit routing-options] user@edge# show static { route /0 next-hop ; [edit interfaces] user@edge# show st0 unit 0 { family inet { address /28; [edit routing-options] user@remote# show static { route /0 next-hop ; [edit interfaces] user@remote# show st0 unit 0 { family inet { address /28;

55 Example: Configuring a Security Zone for a Route-Based IPsec VPN [edit security zones] user@edge# show security-zone Public address-book { address host /32; address host /32; address-set Public-hosts { address host1; address host2; screen protect; host-inbound-traffic { system-services { any-service; interfaces { ge-1/0/1.0; st0.0; st0.0 interface added to the Public security zone at both ends of the tunnel

56 Example: Configuring IKE Phase 1 Parameters [edit security ike] user@edge# show proposal ike-phase1-proposal { authentication-method pre-shared-keys; dh-group group2; authentication-algorithm md5; encryption-algorithm 3des-cbc; lifetime-seconds 600; policy ike-policy1 { mode main; proposals ike-phase1-proposal; pre-shared-key ascii-text "$9$lMaeLNsYoGjq4a"; ## SECRET-DATA gateway ike-phase1-gateway { ike-policy ike-policy1; address ; dead-peer-detection { interval 20; threshold 5; external-interface ge-1/0/1.0; Identical to the configuration for a policy-based IPsec VPN

57 Example: Configuring IKE Phase 2 Parameters for a Route-Based IPsec VPN [edit security ipsec] user@edge# show proposal ike-phase2-proposal { protocol esp; authentication-algorithm hmac-md5-96; encryption-algorithm 3des-cbc; lifetime-seconds 3200; policy ipsec-pol1 { perfect-forward-secrecy { keys group2; proposals ike-phase2-proposal; vpn TunnelA { bind-interface st0.0; ike { gateway ike-phase1-gateway; ipsec-policy ipsec-pol1; establish-tunnels immediately; Binding the IPsec VPN to the st0 interface makes that VPN route-based

58 Monitoring a Route-Based IPsec VPN (1 of 4) user@edge> show security ike security-associations Index Remote Address State Initiator cookie Responder cookie Mode UP 04c17bc8fee7056d 5cfd8286f6415e9b Main UP 044f6f7455e6abbb 97428c95adef94aa Main user@edge> show security ipsec security-associations total configured sa: 4 ID Gateway Port Algorithm SPI Life:sec/kb Mon vsys < ESP:3des/md5 2236e53c 3080/ unlim - 0 > ESP:3des/md5 f5965f / unlim - 0 < ESP:3des/md5 ecf3c3ae 3082/ unlim - 0 > ESP:3des/md5 452bc / unlim - 0 user@edge> show security ipsec statistics ESP Statistics: Encrypted bytes: Decrypted bytes: Encrypted packets: 141 Decrypted packets: 141 AH Statistics: Input bytes: 0 Output bytes: 0 Input packets: 0 Output packets: 0 Errors: AH authentication failures: 0, Replay errors: 0 ESP authentication failures: 0, ESP decryption failures: 0 Bad headers: 0, Bad trailers: 0 IKE Phase 1 Results IKE Phase 2 Results

59 Monitoring a Route-Based IPsec VPN (2 of 4) user@edge> show interfaces st0 terse Interface Admin Link Proto Local Remote st0 up up st0.0 up up inet /28 user@edge> show interfaces st0 detail Physical interface: st0, Enabled, Physical link is Up Interface index: 129, SNMP ifindex: 118, Generation: 132 Type: Secure-Tunnel, Link-level type: Secure-Tunnel, MTU: 9192, Speed: Unspecified Hold-times : Up 0 ms, Down 0 ms Device flags : Present Running Interface flags: Point-To-Point Statistics last cleared: Never Traffic statistics: Input bytes : 0 0 bps Output bytes : bps Input packets: 0 0 pps Output packets: pps The st0 interface is up Statistics for the st0 interface Logical interface st0.0 (Index 66) (SNMP ifindex 546) (Generation 187) Flags: Point-To-Point SNMP-Traps Encapsulation: Secure-Tunnel Traffic statistics: Input bytes : 5416 Output bytes : 7914 Input packets: 99 Output packets: 63 Local statistics: Input bytes : 0 Output bytes : 0 Input packets: 0 Output packets: 0 Transit statistics: The output is continued Input bytes : bps Output bytes : bps on the next page Input packets: 99 0 pps 2012 Juniper Output Networks, packets: Inc. All rights reserved. 63 Worldwide 0 Education pps Services

60 Monitoring a Route-Based IPsec VPN (3 of 4) Security: Zone: untrust Flow Statistics : Flow Input statistics : Self packets : 0 ICMP packets : 2 VPN packets : 0 Multicast packets : 0 Bytes permitted by policy : 5248 Connections established : 1 Flow Output statistics: Multicast packets : 0 Bytes permitted by policy : 7914 Flow error statistics (Packets dropped due to): Address spoofing: 0 Authentication failed: 0 Incoming NAT errors: 0 Invalid zone received packet: 0 Multiple user authentications: 0 Multiple incoming NAT: 0 No parent for a gate: 0 No one interested in self packets: 0 No minor session: 0 No more sessions: 0 No NAT gate: 0 No route present: 0 No SA for incoming SPI: 0 No tunnel found: 0 No session for a gate: 0 No zone or NULL zone binding 0 Policy denied: 2 Security association not active: 0 TCP sequence number out of window: 0 Syn-attack protection: 0 User authentication errors: 0 Protocol inet, MTU: 9192, Generation: 205, Route table: 0 Flags: None Addresses, Flags: Is-Primary Destination: Unspecified, Local: , Broadcast: Unspecified, Generation: 222 Statistics for the st0 interface

61 Monitoring a Route-Based IPsec VPN (4 of 4) user@edge> show route inet.0: 16 destinations, 18 routes (16 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both /0 *[Static/5] 00:25:32 > to via st /28 *[Direct/0] 00:25:15 > via ge-1/0/ /32 *[Local/0] 00:25:16 Local via ge-1/0/ /28 *[Direct/0] 00:25:32 > via st /32 *[Local/0] 00:25:32 Local via st0.0 Default route pointing to the st0 interface Direct and local routes associated with the st0 interface

62 Other IPsec VPN Monitoring Commands Other useful monitoring commands include: traceoptions clear security ike security-associations clear security ipsec security-associations

63 Common IPsec Configuration Problems Watch for the following problems: Proposal mismatch Preshared key mismatch No available route information Misconfiguration of the peer gateway and outgoing interface

64 Summary In this chapter, we: Identified various types of VPNs Defined three major security concerns Described IPsec VPNs and their functionality Configured IPsec VPNs using policy-based and route-based methods Discussed the monitoring of IPsec VPNs

65 Review Questions 1. Name three major security concerns. 2. What is the main difference between ESP and AH? 3. How does the Junos OS ensure data integrity? 4. What are the different modes in IKE Phase 1?

66 Lab 6: Implementing IPsec VPNs Perform configuration and verification steps associated with IPsec VPNs

67 Worldwide Education Services