[Openswan Users] IPSEC tunnels
Paul Wouters
paul at xelerance.com
Wed Jan 5 00:54:02 CET 2005
On Tue, 4 Jan 2005, Jason Sigurdur wrote:
> Hi, how does one verify if ipsec tunnels are up on 26sec setup? Is there any
> thing similar to klips style 'ipsec eroute'?
setkey -D and setkey -P -D
> Secondly, while dumping traffic stats on my externel interface 'tcpdump -I
> eth0 ip proto 50' for ESP packets, I noticed that for every encrypted packet
> is a unencrypted packet? For example:
That's a side effect of how NETKEY hooks into the networking stack. The
unencrypted packets do not leave your machine however. So it is normal.
Paul
More information about the Users
mailing list