[Openswan Users] Openswan with L2TP/IPsec

Kevin Wilson wkevils at gmail.com
Sat Dec 18 06:02:50 EST 2010

I sniff with wireshark in the interface on which
I sniff all the traffic without any filter such as destination or source.
I don't see any ESP packets. I expected some ESP traffic.

I suspected that something is wrong with the setup as described in
my post, but it seems to me that there is no error there.
So I am still confused and do not know what is wrong here
and why don't I see ESP packets at all.
Any idea?


On Fri, Dec 17, 2010 at 9:21 PM, Paul Wouters <paul at xelerance.com> wrote:
> On Fri, 17 Dec 2010, Kevin Wilson wrote:
>> I tried to test a simple scenario of Openswan with L2TP/IPsec (of the
>> openl2tp project) in a lab.
>>        protostack="netkey"
>> I expected the traffic from ., to to be ESP
>> encrypted, as a result
>> of using Openswan with the /etc/ipsec.conf above, but sniffing
>> with wireshark shows it is not. Any idea why ?
> You know netkey has limitations with tcpdump? You can not sniff outgoing
> encrypted packets. So verify on both ends that you see incoming crypted
> packets.
> Paul

More information about the Users mailing list