有没有什么比较好的工具用来解析 IPSec 的 ISAKMP 握手包

日志的话...tail -f /var/log/auth.log 就能看到了...

就用 wireshark 就行。日志输出选最高级别，在里面搜索 SKEYSEED，下面就是七个密钥。strongswan 的日志包含的内容非常详细

@mason961125 很抱歉你这办法我似乎已经用过了，输出的日志就是看不到，Juniper 官方说至少要这些东西互相匹配才行，日志里似乎是看不到的

If phase 2 negotiation has been initiated, and you get the "Error = NO_PROPOSAL_CHOSEN" message, this indicates a mismatch in proposals between the two peers. The phase 2 proposal elements include the following:

Authentication algorithm (MD5, SHA1)
Encryption algorithm (DES, 3DES, AES128, AES192, AES256)
Lifetime kilobytes (sometimes referred to as lifesize)
Lifetime seconds
Protocol (AH, ESP)
Perfect Forward Secrecy (Diffie-Hellman group1, group2, group5)
If phase 2 fails to complete with an error in proposal, then confirm that remote peer has at least one proposal configured in which Authentication and Encryption algorithms, Protocol and Perfect Forward Secrecy (PFS) match at least one proposal on the local side. A common mis-configuration is PFS group key mismatch. Perhaps one side has PFS group key configured whereas the remote side may either not have PFS enabled or incorrect group key. Also, with some third-party non-Juniper devices, Lifetime in both kilobytes and/or seconds may also need to match.

@Seumi SKYSEED 是什么，另外我已经把 STRONGSWAN 的日志级别调成 7 了依然没用，出来的数据看不到 JUNIPER 官方说的那几种参数

```
Sep 16 22:28:10 05[MGR] checkout IKEv2 SA by message with SPIs 53be4aebeab9737c_i 0000000000000000_r
Sep 16 22:28:10 05[MGR] created IKE_SA (unnamed)[1]
Sep 16 22:28:10 05[NET] <1> received packet: from 119.77.23.12[500] to 172.21.241.94[500] (300 bytes)
Sep 16 22:28:10 05[ENC] <1> parsing body of message, first payload is SECURITY_ASSOCIATION
Sep 16 22:28:10 05[ENC] <1> starting parsing a SECURITY_ASSOCIATION payload
Sep 16 22:28:10 05[ENC] <1> parsing SECURITY_ASSOCIATION payload, 272 bytes left
Sep 16 22:28:10 05[ENC] <1> parsing payload from => 272 bytes @ 0x7f1b18000bdc
Sep 16 22:28:10 05[ENC] <1> 0: 22 00 00 2C 00 00 00 28 01 01 00 04 03 00 00 08 "..,...(........
Sep 16 22:28:10 05[ENC] <1> 16: 01 00 00 03 03 00 00 08 03 00 00 02 03 00 00 08 ................
Sep 16 22:28:10 05[ENC] <1> 32: 02 00 00 02 00 00 00 08 04 00 00 02 28 00 00 88 ............(...
Sep 16 22:28:10 05[ENC] <1> 48: 00 02 00 00 BD 44 15 33 19 42 FC 3E 48 26 C4 EE .....D.3.B.>H&..
Sep 16 22:28:10 05[ENC] <1> 64: 9E 03 ED F1 86 32 6F CB 18 56 8E E3 6E 59 2F 46 .....2o..V..nY/F
Sep 16 22:28:10 05[ENC] <1> 80: 7D 93 71 FF C1 8B AD 1E FA D4 4A 42 04 ED D0 67 }.q.......JB...g
Sep 16 22:28:10 05[ENC] <1> 96: 9F 51 55 F0 3B ED 25 E1 FC D0 82 46 84 39 E1 1A .QU.;.%....F.9..
Sep 16 22:28:10 05[ENC] <1> 112: 86 ED 85 57 96 B8 4F 08 F9 85 A8 30 D6 35 93 C7 ...W..O....0.5..
Sep 16 22:28:10 05[ENC] <1> 128: 27 61 21 2C 20 80 7D A0 8C 15 1A 32 10 1A BB A8 'a!, .}....2....
Sep 16 22:28:10 05[ENC] <1> 144: 7B 36 93 63 3B 05 A1 EC DD 36 27 6F E7 02 25 5E {6.c;....6'o..%^
Sep 16 22:28:10 05[ENC] <1> 160: E4 BC 3C CC 72 FB 33 11 44 7F 90 61 C2 82 2B EE ..<.r.3.D..a..+.
Sep 16 22:28:10 05[ENC] <1> 176: 37 4B 6B E1 29 00 00 24 51 0F C8 1E A1 9A B5 E3 7Kk.)..$Q.......
Sep 16 22:28:10 05[ENC] <1> 192: 41 12 8B E3 32 12 AD 58 A2 B4 E9 9E 3D 9E 3A D3 A...2..X....=.:.
Sep 16 22:28:10 05[ENC] <1> 208: B6 88 EE 59 78 C5 69 8A 29 00 00 1C 00 00 40 04 ...Yx.i.).....@.
Sep 16 22:28:10 05[ENC] <1> 224: 00 E9 42 94 E0 01 A5 09 2A 2D 7D 6A 6B 3A 3B E0 ..B.....*-}jk:;.
Sep 16 22:28:10 05[ENC] <1> 240: 0C 52 8E 36 00 00 00 1C 00 00 40 05 AA E4 23 F4 .R.6......@...#.
Sep 16 22:28:10 05[ENC] <1> 256: 5C 23 FF 4C 81 C6 D7 CA 06 A8 71 7D AB 0F 6C 3D \#.L......q}..l=
Sep 16 22:28:10 05[ENC] <1> parsing rule 0 U_INT_8
Sep 16 22:28:10 05[ENC] <1> => 34
Sep 16 22:28:10 05[ENC] <1> parsing rule 1 FLAG
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 2 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 3 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 4 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 5 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 6 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 7 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 8 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 9 PAYLOAD_LENGTH
Sep 16 22:28:10 05[ENC] <1> => 44
Sep 16 22:28:10 05[ENC] <1> parsing rule 10 (1258)

```

@feast 我有个建议，你可以去 StrongSwan 的 Wiki 里找找有没有适合你需求的例子，一般来说都能找得到，而且也有配置完成后的日志。

@Seumi
Sep 16 22:28:10 05[ENC] <1> 0: 00 E9 42 94 E0 01 A5 09 2A 2D 7D 6A 6B 3A 3B E0 ..B.....*-}jk:;.
Sep 16 22:28:10 05[ENC] <1> 16: 0C 52 8E 36 .R.6
Sep 16 22:28:10 05[ENC] <1> parsing NOTIFY payload finished
Sep 16 22:28:10 05[ENC] <1> verifying payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> NOTIFY payload verified, adding to payload list
Sep 16 22:28:10 05[ENC] <1> starting parsing a NOTIFY payload
Sep 16 22:28:10 05[ENC] <1> parsing NOTIFY payload, 28 bytes left
Sep 16 22:28:10 05[ENC] <1> parsing payload from => 28 bytes @ 0x7f1b18000cd0
Sep 16 22:28:10 05[ENC] <1> 0: 00 00 00 1C 00 00 40 05 AA E4 23 F4 5C 23 FF 4C ......@...#.\#.L
Sep 16 22:28:10 05[ENC] <1> 16: 81 C6 D7 CA 06 A8 71 7D AB 0F 6C 3D ......q}..l=
Sep 16 22:28:10 05[ENC] <1> parsing rule 0 U_INT_8
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 1 FLAG
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 2 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 3 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 4 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 5 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 6 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 7 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 8 RESERVED_BIT
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 9 PAYLOAD_LENGTH
Sep 16 22:28:10 05[ENC] <1> => 28
Sep 16 22:28:10 05[ENC] <1> parsing rule 10 U_INT_8
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 11 SPI_SIZE
Sep 16 22:28:10 05[ENC] <1> => 0
Sep 16 22:28:10 05[ENC] <1> parsing rule 12 U_INT_16
Sep 16 22:28:10 05[ENC] <1> => 16389
Sep 16 22:28:10 05[ENC] <1> parsing rule 13 SPI
Sep 16 22:28:10 05[ENC] <1> => 0 bytes @ (nil)
Sep 16 22:28:10 05[ENC] <1> parsing rule 14 CHUNK_DATA
Sep 16 22:28:10 05[ENC] <1> => 20 bytes @ 0x7f1b100023c0
Sep 16 22:28:10 05[ENC] <1> 0: AA E4 23 F4 5C 23 FF 4C 81 C6 D7 CA 06 A8 71 7D ..#.\#.L......q}
Sep 16 22:28:10 05[ENC] <1> 16: AB 0F 6C 3D ..l=
Sep 16 22:28:10 05[ENC] <1> parsing NOTIFY payload finished
Sep 16 22:28:10 05[ENC] <1> verifying payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> NOTIFY payload verified, adding to payload list
Sep 16 22:28:10 05[ENC] <1> process payload of type SECURITY_ASSOCIATION
Sep 16 22:28:10 05[ENC] <1> process payload of type KEY_EXCHANGE
Sep 16 22:28:10 05[ENC] <1> process payload of type NONCE
Sep 16 22:28:10 05[ENC] <1> process payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> process payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> verifying message structure
Sep 16 22:28:10 05[ENC] <1> found payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> found payload of type NOTIFY
Sep 16 22:28:10 05[ENC] <1> found payload of type SECURITY_ASSOCIATION
Sep 16 22:28:10 05[ENC] <1> found payload of type KEY_EXCHANGE
Sep 16 22:28:10 05[ENC] <1> found payload of type NONCE
Sep 16 22:28:10 05[ENC] <1> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
Sep 16 22:28:10 05[CFG] <1> looking for an ike config for 172.21.241.94...220.166.51.91
Sep 16 22:28:10 05[IKE] <1> no IKE config found for 172.21.241.94...220.166.51.91, sending NO_PROPOSAL_CHOSEN
Sep 16 22:28:10 05[ENC] <1> added payload of type NOTIFY to message
Sep 16 22:28:10 05[ENC] <1> order payloads in message
Sep 16 22:28:10 05[ENC] <1> added payload of type NOTIFY to message
Sep 16 22:28:10 05[ENC] <1> generating IKE_SA_INIT response 0 [ N(NO_PROP) ]
Sep 16 22:28:10 05[ENC] <1> not encrypting payloads

这种已经够详细了吧，但是还是看不出客户端到底用的什么加密，什么 HASH 和什么 FPS 模式

@Seumi 老兄非常感谢你的热心回复，但是你针对的是 traffic 阶段的 ESP 封包解密，但是我的意思是获取 ISKAMP 阶段 AH 封包的配置信息，AH 包是不加密的，是用来握手的

@mason961125 如果客户端能配我也不会大费周章找工具了，就是不知道客户端用的什么模式，只能不断改服务端配置来试探

IKE_SA_INIT 阶段的两条报文不是明文吗，可以看加密套件的协商结果，而且正常的话，日志里会显示协商过程

不是啊，就是 IKE_SA_INIT 和 IKE_AUTH 握手阶段，后面是 ESP 阶段

@Seumi 你看我发的日志，sw 的日志协商阶段根本看不出客户端请求的什么加密方式，直接就提示一个 no IKE config found,这种让人很郁闷呐

我的想法是，既然是握手，客户端发送给服务器的 ISAKMP 包一定会包括 JUNIPER 官方说的
Authentication algorithm (MD5, SHA1)
Encryption algorithm (DES, 3DES, AES128, AES192, AES256)
Lifetime kilobytes (sometimes referred to as lifesize)
Lifetime seconds
Protocol (AH, ESP)
Perfect Forward Secrecy (Diffie-Hellman group1, group2, group5)
这几类信息，这几类信息用什么工具才能解析出来呢？我是目前没看到有任何类似的工具，IPSec 我感觉网上大部分富强的也就是抄配置+撞运气，压根没管参数的真正意义

@Seumi

用 wireshark 就可以，IKE 握手有两个阶段，第一个阶段 IKE_SA_INIT 的两条报文是明文，就包含你说的这几个加密套件，然后紧接着的 IKE_AUTH 阶段就会用上面协商的方法加密。你用 wireshark 抓到前两条报文，就能看到加密套件协商结构体

@Seumi 那这个阶段两端的 AUTH MODE 不同会不会导致出现上面的 NO PROPOSAL 错误呢，比如一端是未知的 oem 过的 psk 加密，一段是 psk 我感觉那个 IKE config strongswan 应该不仅仅判断了那几个加密套件要素，这方面兄台是否有所深入了解过？

试试 strongswan android 端，日志里可能有些有用的信息，服务器接受什么加密方式之类的