[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FreeS/WAN - isakmpd

To: goony <goony@inwind.it>
Subject: Re: FreeS/WAN - isakmpd
From: Hakan Olsson <ho@crt.se>
Date: Fri, 6 Dec 2002 15:41:48 +0100 (CET)
Cc: misc@OpenBSD.org

On Fri, 6 Dec 2002, goony wrote:
...
> [Phase 2]
> #Connections=           hate-test
...
> 152245.206378 Trpt 70 transport_add: adding 0x1172c0
> 152245.206403 Trpt 95 transport_reference: transport 0x1172c0 now has 1 references

There are no negotiations being done here. Up to this point is just
initialization of the daemon. Either this side need to initiate
negotiations (in which case you should un-comment the Connections= line
above, and make sure to have the phase 2 data in the config file), or have
the other side peer initiate.

>
> and if ping between two host, this is output of the tcpdump of third machine... it' in clear... :((
> 16:16:23.018913 hate.intranet > 192.168.11.192: icmp: echo request
> 16:16:23.019041 192.168.11.192 > hate.intranet: icmp: echo reply
> 16:16:24.025702 hate.intranet > 192.168.11.192: icmp: echo request
> 16:16:24.025790 192.168.11.192 > hate.intranet: icmp: echo reply

Yes, as the VPN has not been negotiated yet.

/H

--
Håkan Olsson <ho@crt.se>        (+46) 708 437 337     Carlstedt Research
Unix, Networking, Security      (+46) 31 701 4264        & Technology AB

Follow-Ups:
- Re: FreeS/WAN - isakmpd
  - From: goony <goony@inwind.it>

References:
- Re: FreeS/WAN - isakmpd
  - From: goony <goony@inwind.it>

Prev by Date: Re: FreeS/WAN - isakmpd
Next by Date: Re: FreeS/WAN - isakmpd
Prev by thread: Re: FreeS/WAN - isakmpd
Next by thread: Re: FreeS/WAN - isakmpd
Index(es):
- Date
- Thread