[Openswan Users] How to test tunnel(host to host)

samuel Karuga samuelkaruga at yahoo.co.uk
Fri Aug 29 10:21:05 EDT 2008


Hi list,
I'm a newbie to VPNs. I have been working on an IPsec project and finally I have a working config between two test hosts on an internal network (A and B).
ipsec starts with no errors, and once I initiate a tunnel from A to the other, B, it indicates that it has successfully started the tunnel:
 
 ipsec auto --up Connection1
104 "vpn1" #1: STATE_MAIN_I1: initiate
003 "vpn1" #1: ignoring unknown Vendor ID payload [4f456f534a55776561714158]
003 "vpn1" #1: received Vendor ID payload [Dead Peer Detection]
106 "vpn1" #1: STATE_MAIN_I2: sent MI2, expecting MR2
108 "vpn1" #1: STATE_MAIN_I3: sent MI3, expecting MR3
003 "vpn1" #1: received Vendor ID payload [CAN-IKEv2]
004 "vpn1" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}
117 "vpn1" #2: STATE_QUICK_I1: initiate
004 "vpn1" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xeb024081 <0x242bcf32 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}

And ipsec barf output on B also indicates that a tunnel connection has been established.
I also run ipsec auto --route [connection name], which I understand routes all packets addressed to computer B into the tunnel.

How can I test my tunnel to make sure that it's working, considering that it's a host-to-host connection on one LAN and ping will not be an indicative test of the tunnel's state?
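
One way to check this from the output above, as an added example that is not part of the original post: take the ESP SPIs from the "IPsec SA established" line and build capture filters that show whether traffic to B travels as ESP or leaks in the clear. The peer address 192.0.2.2, the function names and the reading of "=>" as the outbound SPI and "<" as the inbound SPI are assumptions.

```shell
#!/bin/sh
# Added example: derive tcpdump filters from pluto's "IPsec SA established" line.

# Constructed sample input: the Quick Mode line copied from the output above.
SAMPLE='004 "vpn1" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xeb024081 <0x242bcf32 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}'

# Print "<outbound SPI> <inbound SPI>" from pluto output read on stdin.
# Assumption: "=>" is the SPI used toward the peer, "<" the SPI we receive on.
esp_spis() {
  sed -n 's/.*IPsec SA established.*ESP=>\(0x[0-9a-fA-F][0-9a-fA-F]*\) <\(0x[0-9a-fA-F][0-9a-fA-F]*\) .*/\1 \2/p' | tail -n 1
}

# Succeed when the SA line reports no NAT traversal, i.e. ESP travels as
# IP protocol 50 rather than inside udp/4500.
native_esp() {
  grep -q 'IPsec SA established.*NATD=none'
}

# pcap filter for ESP packets carrying one SPI.
# Assumption: IPv4 header without options, so the SPI sits at byte offset 20.
esp_filter() {
  printf 'ip proto 50 and ip[20:4] = %s' "$1"
}

# pcap filter for IP traffic to or from the peer that is NOT in the tunnel.
# IKE itself (udp/500) is expected in the clear and is excluded.
leak_filter() {
  printf 'ip host %s and not ip proto 50 and not udp port 500' "$1"
}

peer=192.0.2.2   # placeholder for host B's address (not given in the post)
spis=$(printf '%s\n' "$SAMPLE" | esp_spis)
spi_out=${spis% *}
spi_in=${spis#* }

printf '%s\n' "$SAMPLE" | native_esp || echo "NAT-T negotiated: look in udp/4500 instead" >&2

# Commands to run as root on A while pinging B from another terminal.
echo "tcpdump -n '$(esp_filter "$spi_out")'   # A -> B, should show packets"
echo "tcpdump -n '$(esp_filter "$spi_in")'   # B -> A, should show packets"
echo "tcpdump -n '$(leak_filter "$peer")'   # should stay silent"
```

If the third capture shows ICMP echo packets while the first two stay empty, the ping is bypassing the tunnel even though the SA is established.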


