testing ipsec ?

Mark Street jet at sonic.net
Sat Jan 4 10:21:26 PST 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Confirmed Houston..... you have Ecapsulation Security Payload packets

What does your ipsec.conf look like without the keys....

On Friday 03 January 2003 19:29, augie wrote:
> so i created an ipsec connection between two hosts, and i want to
> check to see if everything is working as planned, so i run tcpdump on
> eth0 and ipsec0 (which is a virtual interface for eth0) respectively
> and ping goku from gohan.
>
> [root at gohan freeswan]# tcpdump -i eth0
> tcpdump: listening on eth0
> 19:15:10.141585 gohan.pear > goku.pear: ESP(spi=0x9a8fba20,seq=0x4)
> 19:15:10.141987 goku.pear > gohan.pear: ESP(spi=0xdd4484ab,seq=0x4)
>
> [root at gohan freeswan]# tcpdump -i ipsec0
> tcpdump: listening on ipsec0
> 19:16:46.153874 gohan.pear > goku.pear: icmp: echo request (DF)
> 19:16:46.154391 goku.pear > gohan.pear: icmp: echo reply
>
> so i guess this makes sense. it's comming in encrypted on eth0, then
> getting decrypted on ipsec0. can anyone else confirm this?

- -- 
Mark Street, D.C.
Red Hat Certified Engineer
Cert# 807302251406074
- --
Key fingerprint = 3949 39E4 6317 7C3C 023E  2B1F 6FB3 06E7 D109 56C0
GPG key http://www.streetchiro.com/pubkey.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE+FyYsb7MG59EJVsARAuM1AJ9qrbr8ZyLIHdlzCCRcXTxJYzh1AACghpVl
6FTap9gSuzv6ENzMFaa1wzA=
=uhoB
-----END PGP SIGNATURE-----



More information about the talk mailing list