[Openswan Users] RHEL guides

Norman Rasmussen normanr at gmail.com
Mon Jun 6 19:21:02 CEST 2005

Yea, pity

On 06/06/05, Paul Wouters <paul at xelerance.com> wrote:
> On Mon, 6 Jun 2005, Norman Rasmussen wrote:
> >> Since with NETKEY, you can't reliably look at the data with tcpdump, since netkey hooks into
> >> the networking stack past the point where tcpdump can look.
> >>
> > Maybe it should be added to the comment, that you should run the
> > tcpdump process on a machine that is between the endpoints, and is not
> > involved in the ipsec tunnel, but just has to route it.
> Unfortunateloy, almost all IPsec machines are the public IP machine people
> have, and the next hop is their ISP, so unless you're using a hub on your
> uplink to your ISP (provided it is not like PPOE or PPTP) this becomes
> impossible.
> Paul

- Norman Rasmussen
 - Email: norman at rasmussen.co.za
 - Home page: http://norman.rasmussen.co.za/

More information about the Users mailing list