testing ipsec ?
Mark Street
jet at sonic.net
Sat Jan 4 10:21:26 PST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Confirmed Houston..... you have Ecapsulation Security Payload packets
What does your ipsec.conf look like without the keys....
On Friday 03 January 2003 19:29, augie wrote:
> so i created an ipsec connection between two hosts, and i want to
> check to see if everything is working as planned, so i run tcpdump on
> eth0 and ipsec0 (which is a virtual interface for eth0) respectively
> and ping goku from gohan.
>
> [root at gohan freeswan]# tcpdump -i eth0
> tcpdump: listening on eth0
> 19:15:10.141585 gohan.pear > goku.pear: ESP(spi=0x9a8fba20,seq=0x4)
> 19:15:10.141987 goku.pear > gohan.pear: ESP(spi=0xdd4484ab,seq=0x4)
>
> [root at gohan freeswan]# tcpdump -i ipsec0
> tcpdump: listening on ipsec0
> 19:16:46.153874 gohan.pear > goku.pear: icmp: echo request (DF)
> 19:16:46.154391 goku.pear > gohan.pear: icmp: echo reply
>
> so i guess this makes sense. it's comming in encrypted on eth0, then
> getting decrypted on ipsec0. can anyone else confirm this?
- --
Mark Street, D.C.
Red Hat Certified Engineer
Cert# 807302251406074
- --
Key fingerprint = 3949 39E4 6317 7C3C 023E 2B1F 6FB3 06E7 D109 56C0
GPG key http://www.streetchiro.com/pubkey.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE+FyYsb7MG59EJVsARAuM1AJ9qrbr8ZyLIHdlzCCRcXTxJYzh1AACghpVl
6FTap9gSuzv6ENzMFaa1wzA=
=uhoB
-----END PGP SIGNATURE-----
More information about the talk
mailing list