[Openswan Users] Decrypt ESP packets with wireshark for tunnel mode (Openswan)
Paul Wouters
paul at xelerance.com
Sat Nov 13 11:51:48 EST 2010
On Sat, 13 Nov 2010, Kevin Wilson wrote:
> Hi,
> This is my last question for the next month , promise :-)
>
> In fact, I would appreciate if someone can answer this simple question
> which can save me wasted efforts: what is the default algorithm used
> with ESP with Openswan (tunnel mode)?
Depends on the version. 3des-sha1 on older ones, aes-sha1 on newer ones.
> For example, I am using a very simple /etc/ipsec.conf file , like this:
> #/etc/ipsec.conf
> version 2.0
>
> config setup
> protostack="netkey"
> conn host-to-host
> type=tunnel
> authby=secret
> left=192.168.1.196
> right=192.168.1.12
> auto=start
Just add esp=3des-sha1 and you know for sure.
Paul
More information about the Users
mailing list