Назад | Перейти на главную страницу

Strongswan с сертификатами letsencrypt (IKEv2-EAP)

Я настраиваю сервер Strongswan для клиентов VPN для доступа к внутренней сети (EAP-IKEv2). Я успешно настроил его, используя самозаверяющие сертификаты сервера, и он работает для клиентов, использующих Mac OS X, Windows 7 и Windows 10, после добавления ca.crt в корневой центр сертификации клиентов как доверенный.

Теперь я хотел бы переключиться на сертификаты Letsencrypt, которым следует доверять без какой-либо дополнительной настройки на стороне клиента, и, к сожалению, я не могу заставить его работать по какой-то причине.

Сервер: Strongswan версии 5.6.2 на Ubuntu 18.04. Клиент: Mac OS X 10.14.2 / Ubuntu 18.04 / Windows 7 / Windows 10

Ошибка VPN в Mac OS X, которую я получаю: The VPN server did not respond. Просто для сравнения с самозаверяющими сертификатами без добавления ca.crt в Mac OS я бы получил User Authentication failed.

Когда я копирую server.crt клиенту это говорит This certificate is valid.

Я также попытался установить IP-безопасность (IPsec) для сертификата DST ROOT CA X3 на Always trust и любые другие сертификаты CA, связанные с Letsencrypt, в Mac OS, но это не помогло.

Я также пытался заставить Always Trust для server.crt сертификат, но все равно не повезло.

Я протестировал все упомянутые ОС (Linux с использованием апплета сетевого менеджера strongswan), и это не сработало.

Поскольку мне не удалось получить какие-либо разумные журналы отладки из Mac OS и Windows, я установил Strongswan клиент на другом сервере с использованием Ubuntu без апплета сетевого менеджера. Начал работать после копирования DST_Root_CA_X3.pem свидетельство от /etc/ssl/certs к /etc/ipsec.d/cacerts на клиенте.

У меня 3 вопроса:

  1. Как получить журнал отладки из собственного VPN-клиента Mac OS?
  2. Работает ли Strongswan VPN даже с сертификатами Letsencrypt? В чем может быть проблема?
  3. Вы порекомендуете какую-либо альтернативу, которая может работать? Racoon, Openswan? Позвольте мне оставить OpenVPN в качестве плана Б.

Ниже вы можете найти все подробности.

Спасибо, что помогли мне. Буду признателен за любой вклад.

Сервер

$ certbot certonly --rsa-key-size 2048 --standalone --agree-tos --no-eff-email --email info@company.com -d vpn.company.com

$ cp /etc/letsencrypt/live/vpn.company.com/fullchain.pem /etc/ipsec.d/certs/server.crt
$ cp /etc/letsencrypt/live/vpn.company.com/privkey.pem /etc/ipsec.d/private/server.key

Я знаю, что strongswan читает только первый сертификат, найденный в server.crt. Тем не менее, он не работает с удаленным сертификатом второй цепи. Тоже не работает, если я пытаюсь добавить chain.pem в /etc/ipsec.d/cacerts или любые другие сертификаты CA из / etc / ssl / certs, что понятно, потому что CAcerts на сервере не влияет на аутентификацию клиента.

Я также протестировал преобразование сертификатов в форматы DER и PEM.

PKI проверить

$ ipsec pki --verify --in /etc/ipsec.d/certs/server.crt
no issuer certificate found for "CN=vpn.company.com"
  issuer is "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3"
  using trusted certificate "CN=vpn.company.com"
certificate trusted, lifetimes valid

Детали сертификата

$ openssl x509 -in certs/server.crt -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:50:51:[...]
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
        Validity
            Not Before: Mar  1 13:40:42 2019 GMT
            Not After : May 30 13:40:42 2019 GMT
        Subject: CN = vpn.company.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e3:a8:ea:8e:[...]
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier:
                EC:6A:[...]
            X509v3 Authority Key Identifier:
                keyid:A8:4A:6A:[...]

            Authority Information Access:
                OCSP - URI:http://ocsp.int-x3.letsencrypt.org
                CA Issuers - URI:http://cert.int-x3.letsencrypt.org/

            X509v3 Subject Alternative Name:
                DNS:vpn.company.com
            X509v3 Certificate Policies:
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org

            CT Precertificate SCTs:
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 74:7E:DA:[...]
                    Timestamp : Mar  1 14:40:42.419 2019 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:[...]
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 29:3C:51:[...]
                    Timestamp : Mar  1 14:40:42.499 2019 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:[...]
    Signature Algorithm: sha256WithRSAEncryption
         8e:da:a3:[...]

ipsec.conf


config setup
  charondebug="dmn 1, mgr 1, ike 1, chd 1, job 1, cfg 1, knl 1, net 1, asn 1, enc 1, lib 1, esp 1, tls 1, tnc 1, imc 1, imv 1, pts 1"
    uniqueids=no

conn ikev2-vpn
    auto=add
    compress=no
    type=tunnel
    keyexchange=ikev2
    ike=aes256-sha1-modp1024
    esp=aes256-sha1
    fragmentation=no
    forceencaps=yes
    dpdaction=clear
    dpddelay=300s
    rekey=no
    left=%any
    leftid=@vpn.company.com
  leftauth=pubkey
    leftcert=server.crt
    leftsendcert=always
    leftsubnet=0.0.0.0/0
  leftfirewall=yes
    right=%any
    rightid=%any
    rightauth=eap-mschapv2
    rightsourceip=10.255.255.0/24
    rightdns=1.1.1.1
    rightsendcert=never
    eap_identity=%identity

ipsec.secrets

vpn.company.com : RSA server.key
user %any% : EAP "user_password"

Журнал сервера Strongswan

ipsec[11918]: Starting strongSwan 5.6.2 IPsec [starter]...
ipsec_starter[11918]: Starting strongSwan 5.6.2 IPsec [starter]...
charon[11943]: 00[DMN] Starting IKE charon daemon (strongSwan 5.6.2, Linux 4.15.0-45-generic, x86_64)
charon[11943]: 00[CFG] PKCS11 module '<name>' lacks library path
charon[11943]: 00[CFG] disabling load-tester plugin, not configured
charon[11943]: 00[LIB] plugin 'load-tester': failed to load - load_tester_plugin_create returned NULL
charon[11943]: 00[NET] could not open socket: Address family not supported by protocol
charon[11943]: 00[NET] could not open IPv6 socket, IPv6 disabled
charon[11943]: 00[KNL] received netlink error: Address family not supported by protocol (97)
charon[11943]: 00[KNL] unable to create IPv6 routing table rule
charon[11943]: 00[CFG] dnscert plugin is disabled
charon[11943]: 00[CFG] ipseckey plugin is disabled
charon[11943]: 00[CFG] attr-sql plugin: database URI not set
charon[11943]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
charon[11943]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
charon[11943]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
charon[11943]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
charon[11943]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
charon[11943]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
charon[11943]: 00[CFG]   loaded RSA private key from '/etc/ipsec.d/private/server.key'
charon[11943]: 00[CFG]   loaded EAP secret for USERNAME_HERE %any%
charon[11943]: 00[CFG] sql plugin: database URI not set
charon[11943]: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
charon[11943]: 00[CFG] eap-simaka-sql database URI missing
charon[11943]: 00[CFG] loaded 0 RADIUS server configurations
charon[11943]: 00[CFG] HA config misses local/remote address
charon[11943]: 00[CFG] no threshold configured for systime-fix, disabled
charon[11943]: 00[CFG] coupling file path unspecified
charon[11943]: 00[LIB] loaded plugins: charon test-vectors unbound ldap pkcs11 tpm aesni aes rc2 sha2 sha1 md4 md5 mgf1 rdrand random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey dnscert ipseckey pem openssl gcrypt af-alg fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ctr ccm gcm ntru bliss curl soup mysql sqlite attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp whitelist lookip error-notify certexpire led radattr addrblock unity counters
charon[11943]: 00[LIB] dropped capabilities, running as uid 0, gid 0
charon[11943]: 00[JOB] spawning 16 worker threads
ipsec[11918]: charon (11943) started after 40 ms
ipsec_starter[11918]: charon (11943) started after 40 ms
charon[11943]: 06[CFG] received stroke: add connection 'ikev2-vpn'
charon[11943]: 06[CFG] adding virtual IP address pool 10.255.255.0/24
charon[11943]: 06[CFG]   loaded certificate "CN=vpn.company.com" from 'server.crt'
charon[11943]: 06[CFG] added configuration 'ikev2-vpn'
charon[11943]: 08[NET] received packet: from CLIENT_IP_HERE[44709] to SERVER_IP_HERE[500] (604 bytes)
charon[11943]: 08[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]
charon[11943]: 08[IKE] CLIENT_IP_HERE is initiating an IKE_SA
charon[11943]: 08[IKE] CLIENT_IP_HERE is initiating an IKE_SA
charon[11943]: 08[IKE] remote host is behind NAT
charon[11943]: 08[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]
charon[11943]: 08[NET] sending packet: from SERVER_IP_HERE[500] to CLIENT_IP_HERE[44709] (440 bytes)
charon[11943]: 09[NET] received packet: from CLIENT_IP_HERE[44710] to SERVER_IP_HERE[4500] (512 bytes)
charon[11943]: 09[ENC] unknown attribute type (25)
charon[11943]: 09[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) N(MOBIKE_SUP) IDr CPRQ(ADDR DHCP DNS MASK ADDR6 DHCP6 DNS6 (25)) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ]
charon[11943]: 09[CFG] looking for peer configs matching SERVER_IP_HERE[vpn.company.com]...CLIENT_IP_HERE[CLIENT_LOCAL_IP_HERE]
charon[11943]: 09[CFG] selected peer config 'ikev2-vpn'
charon[11943]: 09[IKE] initiating EAP_IDENTITY method (id 0x00)
charon[11943]: 09[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
charon[11943]: 09[IKE] peer supports MOBIKE
charon[11943]: 09[IKE] authentication of 'vpn.company.com' (myself) with RSA signature successful
charon[11943]: 09[IKE] sending end entity cert "CN=vpn.company.com"
charon[11943]: 09[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
charon[11943]: 09[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44710] (1744 bytes)
charon[11943]: 10[NET] received packet: from CLIENT_IP_HERE[44710] to SERVER_IP_HERE[4500] (512 bytes)
charon[11943]: 10[ENC] unknown attribute type (25)
ipsec[11918]: 00[DMN] Starting IKE charon daemon (strongSwan 5.6.2, Linux 4.15.0-45-generic, x86_64)
ipsec[11918]: 00[CFG] PKCS11 module '<name>' lacks library path
ipsec[11918]: 00[CFG] disabling load-tester plugin, not configured
ipsec[11918]: 00[LIB] plugin 'load-tester': failed to load - load_tester_plugin_create returned NULL
ipsec[11918]: 00[NET] could not open socket: Address family not supported by protocol
ipsec[11918]: 00[NET] could not open IPv6 socket, IPv6 disabled
ipsec[11918]: 00[KNL] received netlink error: Address family not supported by protocol (97)
ipsec[11918]: 00[KNL] unable to create IPv6 routing table rule
ipsec[11918]: 00[CFG] dnscert plugin is disabled
ipsec[11918]: 00[CFG] ipseckey plugin is disabled
ipsec[11918]: 00[CFG] attr-sql plugin: database URI not set
ipsec[11918]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
ipsec[11918]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
ipsec[11918]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
ipsec[11918]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
ipsec[11918]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
ipsec[11918]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
ipsec[11918]: 00[CFG]   loaded RSA private key from '/etc/ipsec.d/private/server.key'
ipsec[11918]: 00[CFG]   loaded EAP secret for USERNAME_HERE %any%
ipsec[11918]: 00[CFG] sql plugin: database URI not set
ipsec[11918]: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
ipsec[11918]: 00[CFG] eap-simaka-sql database URI missing
ipsec[11918]: 00[CFG] loaded 0 RADIUS server configurations
ipsec[11918]: 00[CFG] HA config misses local/remote address
ipsec[11918]: 00[CFG] no threshold configured for systime-fix, disabled
ipsec[11918]: 00[CFG] coupling file path unspecified
charon[11943]: 10[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) N(MOBIKE_SUP) IDr CPRQ(ADDR DHCP DNS MASK ADDR6 DHCP6 DNS6 (25)) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ]
ipsec[11918]: 00[LIB] loaded plugins: charon test-vectors unbound ldap pkcs11 tpm aesni aes rc2 sha2 sha1 md4 md5 mgf1 rdrand random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey dnscert ipseckey pem openssl gcrypt af-alg fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ctr ccm gcm ntru bliss curl soup mysql sqlite attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp whitelist lookip error-notify certexpire led radattr addrblock unity counters
ipsec[11918]: 00[LIB] dropped capabilities, running as uid 0, gid 0
ipsec[11918]: 00[JOB] spawning 16 worker threads
ipsec[11918]: 06[CFG] received stroke: add connection 'ikev2-vpn'
ipsec[11918]: 06[CFG] adding virtual IP address pool 10.255.255.0/24
ipsec[11918]: 06[CFG]   loaded certificate "CN=vpn.company.com" from 'server.crt'
ipsec[11918]: 06[CFG] added configuration 'ikev2-vpn'
ipsec[11918]: 08[NET] received packet: from CLIENT_IP_HERE[44709] to SERVER_IP_HERE[500] (604 bytes)
ipsec[11918]: 08[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]
ipsec[11918]: 08[IKE] CLIENT_IP_HERE is initiating an IKE_SA
ipsec[11918]: 08[IKE] remote host is behind NAT
ipsec[11918]: 08[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]
ipsec[11918]: 08[NET] sending packet: from SERVER_IP_HERE[500] to CLIENT_IP_HERE[44709] (440 bytes)
ipsec[11918]: 09[NET] received packet: from CLIENT_IP_HERE[44710] to SERVER_IP_HERE[4500] (512 bytes)
ipsec[11918]: 09[ENC] unknown attribute type (25)
ipsec[11918]: 09[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) N(MOBIKE_SUP) IDr CPRQ(ADDR DHCP DNS MASK ADDR6 DHCP6 DNS6 (25)) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ]
ipsec[11918]: 09[CFG] looking for peer configs matching SERVER_IP_HERE[vpn.company.com]...CLIENT_IP_HERE[CLIENT_LOCAL_IP_HERE]
ipsec[11918]: 09[CFG] selected peer config 'ikev2-vpn'
ipsec[11918]: 09[IKE] initiating EAP_IDENTITY method (id 0x00)
charon[11943]: 10[IKE] received retransmit of request with ID 1, retransmitting response
ipsec[11918]: 09[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
ipsec[11918]: 09[IKE] peer supports MOBIKE
ipsec[11918]: 09[IKE] authentication of 'vpn.company.com' (myself) with RSA signature successful
ipsec[11918]: 09[IKE] sending end entity cert "CN=vpn.company.com"
ipsec[11918]: 09[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
ipsec[11918]: 09[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44710] (1744 bytes)
ipsec[11918]: 10[NET] received packet: from CLIENT_IP_HERE[44710] to SERVER_IP_HERE[4500] (512 bytes)
ipsec[11918]: 10[ENC] unknown attribute type (25)
charon[11943]: 10[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44710] (1744 bytes)
charon[11943]: 11[NET] received packet: from CLIENT_IP_HERE[44710] to SERVER_IP_HERE[4500] (512 bytes)
charon[11943]: 11[ENC] unknown attribute type (25)
charon[11943]: 11[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) N(MOBIKE_SUP) IDr CPRQ(ADDR DHCP DNS MASK ADDR6 DHCP6 DNS6 (25)) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ]
charon[11943]: 11[IKE] received retransmit of request with ID 1, retransmitting response
charon[11943]: 11[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44710] (1744 bytes)
charon[11943]: 12[NET] received packet: from CLIENT_IP_HERE[44710] to SERVER_IP_HERE[4500] (512 bytes)
charon[11943]: 12[ENC] unknown attribute type (25)
charon[11943]: 12[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) N(MOBIKE_SUP) IDr CPRQ(ADDR DHCP DNS MASK ADDR6 DHCP6 DNS6 (25)) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ]
charon[11943]: 12[IKE] received retransmit of request with ID 1, retransmitting response
charon[11943]: 12[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44710] (1744 bytes)

РЕДАКТИРОВАТЬ: Mac OS начала работать после включения фрагментации. К сожалению, Windows 10 выдает ошибку. Журнал сервера при подключении из Windows 10:

charon[12236]: 06[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(MULT_AUTH) ]
charon[12236]: 06[NET] sending packet: from SERVER_IP_HERE[500] to CLIENT_IP_HERE[44742] (320 bytes)
charon[12236]: 09[NET] received packet: from CLIENT_IP_HERE[44743] to SERVER_IP_HERE[4500] (576 bytes)
charon[12236]: 09[ENC] parsed IKE_AUTH request 1 [ EF(1/2) ]
charon[12236]: 09[ENC] received fragment #1 of 2, waiting for complete IKE message
charon[12236]: 07[NET] received packet: from CLIENT_IP_HERE[44743] to SERVER_IP_HERE[4500] (368 bytes)
charon[12236]: 07[ENC] parsed IKE_AUTH request 1 [ EF(2/2) ]
charon[12236]: 07[ENC] received fragment #2 of 2, reassembling fragmented IKE message
charon[12236]: 07[ENC] parsed IKE_AUTH request 1 [ IDi CERTREQ CPRQ(ADDR DNS NBNS SRV) SA TSi TSr ]
charon[12236]: 07[IKE] received 27 cert requests for an unknown ca
charon[12236]: 07[CFG] looking for peer configs matching SERVER_IP_HERE[%any]...CLIENT_IP_HERE[CLIENT_LOCAL_IP_HERE]
charon[12236]: 07[CFG] selected peer config 'ikev2-vpn'
charon[12236]: 07[IKE] initiating EAP_IDENTITY method (id 0x00)
charon[12236]: 07[IKE] authentication of 'vpn.autouncle.com' (myself) with RSA signature successful
charon[12236]: 07[IKE] sending end entity cert "CN=vpn.autouncle.com"
charon[12236]: 07[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
charon[12236]: 07[ENC] splitting IKE message with length of 1740 bytes into 2 fragments
charon[12236]: 07[ENC] generating IKE_AUTH response 1 [ EF(1/2) ]
charon[12236]: 07[ENC] generating IKE_AUTH response 1 [ EF(2/2) ]
charon[12236]: 07[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44743] (1248 bytes)
charon[12236]: 07[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44743] (560 bytes)

Возможно, это проблема фрагментации IP-адресов. Благодаря сертификату IKE_AUTH ответ больше MTU (1744 байта):

charon[11943]: 09[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
charon[11943]: 09[NET] sending packet: from SERVER_IP_HERE[4500] to CLIENT_IP_HERE[44710] (1744 bytes)

Таким образом, это фрагментируется на несколько IP-фрагментов. Некоторые маршрутизаторы отбрасывают их, и клиент может не получить полный пакет.

К счастью, клиент поддерживает фрагментацию IKEv2 (FRAG_SUP поставить в известность):

charon[11943]: 08[NET] received packet: from CLIENT_IP_HERE[44709] to SERVER_IP_HERE[500] (604 bytes)
charon[11943]: 08[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]

Поэтому попробуйте включить фрагментацию IKEv2 на сервере, то есть включить fragmentation вариант или удалите его, так как он включен по умолчанию.

Вы действительно хотите, чтобы промежуточный сертификат Letsencrypt был установлен в дополнение к листу сертификата! Положи это chain.pem обратно в ipsec.d / cacerts

Что вы хотите видеть в своих журналах strongswan, так это отправка им обоих:

charon: 07 [IKE] отправка сертификата конечного объекта "CN = vpn.example.com" charon: 07 [IKE] отправка сертификата эмитента "C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3"

В Windows я настоятельно рекомендую создавать и настраивать записи VPN через PowerShell, что позволяет настраивать параметры, выходящие далеко за рамки того, что позволяет графический интерфейс. Например,

Add-VpnConnection -Name "My VPN" -ServerAddress vpn.example.com -TunnelType IKEv2 -AuthenticationMethod EAP -EncryptionLevel Maximum -RememberCredential:$True -SplitTunnel:$False -PassThru
Set-VpnConnectionIPsecConfiguration -ConnectionName "My VPN" -AuthenticationTransformConstants SHA256128 -CipherTransformConstants AES256 -EncryptionMethod AES256 -IntegrityCheckMethod SHA256 -DHGroup Group14 -PfsGroup Pfs2048 -PassThru -Force

Документация здесь: Add-VpnConnection Set-VpnConnectionIPsecConfiguration

Проверьте журнал событий Windows, если что-то по-прежнему не так. Он определенно может нормально работать с настройкой сертификата strongswan / letsencrypt.