[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Isakmp and Snort?

Hi All,

Now I want to detect the packets information between two VPN gateways with
Snort. After I setting up isakmpd, the Snort only can catch UDP packets during
phase 1 and have got nothing of ESP or AH packects. As far as I know, Snort
can detect TCP/UDP/ICMP. How about ESP and AH? If it can, how to write the
rules of Snort? I will appreciate your help or hints.