[Openswan Users] OpenS/WAN and SonicWALL SonicOS/Enh.

Paul Wouters paul at xelerance.com
Wed Feb 22 22:39:35 CET 2006


On Wed, 22 Feb 2006, Francesco Peeters wrote:

> > TCPDUMPing the connection shows that the pings cause ESP data to be sent
> > to the SNWL.
> > When I ping the SNWL LAN IP, I see a return ESP packet *and* a cleartext
> > PING reply!!!
> > When I ping any other LAN IP, I do not see any replies...

You are using NETKEY, and due to how the inner workings function, it
appears to send both encrypted and plaintext. But if you would run tcpdump
on a machine upstream of that box, you would see only encrypted packets
actually leave your ipsec machine.

Paul
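
An added example, not part of the original post: one way to run the check described above, by comparing a capture taken on the IPsec machine with one taken upstream and listing any non-ESP packet that touches the protected subnet. All addresses and both captures are constructed; the code assumes a classic little-endian pcap with Ethernet framing and native ESP (IP protocol 50, no NAT-T encapsulation).

```python
import ipaddress
import struct

ESP = 50  # IP protocol number for ESP

def ipv4_packets(pcap):
    """Yield (proto, src, dst) for each IPv4-over-Ethernet frame in a classic pcap."""
    if struct.unpack("<I", pcap[:4])[0] != 0xA1B2C3D4:
        raise ValueError("expected little-endian classic pcap")
    if struct.unpack("<I", pcap[20:24])[0] != 1:
        raise ValueError("expected Ethernet link type")
    off = 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack("<I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated frame or not IPv4
        ip = frame[14:]
        yield ip[9], ipaddress.IPv4Address(ip[12:16]), ipaddress.IPv4Address(ip[16:20])

def audit(pcap, protected_net):
    """Return (esp_count, cleartext) where cleartext lists non-ESP packets
    whose source or destination lies inside the protected subnet."""
    net = ipaddress.ip_network(protected_net)
    esp, cleartext = 0, []
    for proto, src, dst in ipv4_packets(pcap):
        if proto == ESP:
            esp += 1
        elif src in net or dst in net:
            cleartext.append((str(src), str(dst), proto))
    return esp, cleartext

def frame_record(proto, src, dst):
    """Build one pcap record holding a minimal Ethernet + IPv4 header (constructed data)."""
    ip = bytes([0x45, 0]) + struct.pack(">H", 20) + bytes(5) + bytes([proto]) + bytes(2)
    ip += ipaddress.IPv4Address(src).packed + ipaddress.IPv4Address(dst).packed
    frame = bytes(12) + b"\x08\x00" + ip
    return struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

HDR = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
ESP_PAIR = frame_record(ESP, "192.0.2.1", "198.51.100.1") + frame_record(ESP, "198.51.100.1", "192.0.2.1")
# Constructed: capture on the IPsec machine also shows the decrypted ICMP reply.
LOCAL = HDR + ESP_PAIR + frame_record(1, "10.0.1.1", "10.0.2.1")
# Constructed: capture on an upstream machine shows only ESP.
UPSTREAM = HDR + ESP_PAIR

if __name__ == "__main__":
    print("local   :", audit(LOCAL, "10.0.1.0/24"))
    print("upstream:", audit(UPSTREAM, "10.0.1.0/24"))
```

An empty cleartext list for the upstream capture is the result the reply above predicts; any entry there would mean traffic for the protected subnet is leaving unencrypted.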

