testing ipsec ?
augie
schwer at sonic.net
Fri Jan 3 19:29:42 PST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
so i created an ipsec connection between two hosts, and i want to
check to see if everything is working as planned, so i run tcpdump on
eth0 and ipsec0 (which is a virtual interface for eth0) respectively
and ping goku from gohan.
[root at gohan freeswan]# tcpdump -i eth0
tcpdump: listening on eth0
19:15:10.141585 gohan.pear > goku.pear: ESP(spi=0x9a8fba20,seq=0x4)
19:15:10.141987 goku.pear > gohan.pear: ESP(spi=0xdd4484ab,seq=0x4)
[root at gohan freeswan]# tcpdump -i ipsec0
tcpdump: listening on ipsec0
19:16:46.153874 gohan.pear > goku.pear: icmp: echo request (DF)
19:16:46.154391 goku.pear > gohan.pear: icmp: echo reply
so i guess this makes sense. it's comming in encrypted on eth0, then
getting decrypted on ipsec0. can anyone else confirm this?
-augie
- --
irc.nblug.org #nblug
registered linux user #229905
gpg public key: http://www.sonic.net/schwer/schwer.asc
Key fingerprint = 9815 AE19 AFD1 1FE7 5DEE 2AC3 CB99 2784 27B0 C072
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE+FlUly5knhCewwHIRAmjaAJ0UX9lrmH2UDOvguMCwwvz8LLlEEACdF7E3
NQGwktZIpGc97/PjHZ6TTlk=
=Dndh
-----END PGP SIGNATURE-----
More information about the talk
mailing list