[Openswan Users] IPSEC tunnels
paul at xelerance.com
Wed Jan 5 00:54:02 CET 2005
On Tue, 4 Jan 2005, Jason Sigurdur wrote:
> Hi, how does one verify if ipsec tunnels are up on 26sec setup? Is there any
> thing similar to klips style 'ipsec eroute'?
setkey -D and setkey -P -D
> Secondly, while dumping traffic stats on my externel interface 'tcpdump -I
> eth0 ip proto 50' for ESP packets, I noticed that for every encrypted packet
> is a unencrypted packet? For example:
That's a side effect of how NETKEY hooks into the networking stack. The
unencrypted packets do not leave your machine however. So it is normal.
More information about the Users