[Openswan Users] OpenS/WAN and SonicWALL SonicOS/Enh.

Francesco Peeters Francesco at FamPeeters.com
Wed Feb 22 23:05:52 CET 2006


On Wed, February 22, 2006 22:39, Paul Wouters said:
> On Wed, 22 Feb 2006, Francesco Peeters wrote:
>
>> > TCPDUMPing the connection shows that the pings cause ESP data to be sent
>> > to the SNWL.
>> > When I ping the SNWL LAN IP, I see a return ESP packet *and* a cleartext
>> > PING reply!!!
>> > When I ping any other LAN IP, I do not see any replies...
>
> You are using NETKEY, and due to how the inner workings function, it
> appears to send both encrypted and plaintext. But if you would run tcpdump
> on a machine upstream of that box, you would see only encrypted packets
> actually leave your ipsec machine.
>
> Paul
>

Actually it SENDS only ESP, and RECEIVES both... I suspected as much (also
due to the SNWL's packet trace data), but wasn't sure...

What is more of a bother is that any traffic NOT aimed at the SNWL LAN IP
(such as a ping to a LAN host) does not give any results...

I'll check the SNWL again and post more info if applicable on what happens
on traffic to other (LAN) IPs.

-- 
Francesco Peeters
----
GPG Key = AA69 E7C6 1D8A F148 160C  D5C4 9943 6E38 D5E3 7704
If your program doesn't recognize my signature, please visit
http://www.CAcert.org/index.php?id=3 to retrieve the Root CA certificate.

