[Openswan Users] Decrypt ESP packets with wireshark for tunnel mode (Openswan)

Paul Wouters paul at xelerance.com
Sat Nov 13 11:51:48 EST 2010

On Sat, 13 Nov 2010, Kevin Wilson wrote:

> Hi,
> This is my last question for the next month , promise :-)
> In fact, I would appreciate if someone can answer this simple question
> which can save me wasted efforts:  what is the default algorithm used
> with ESP with Openswan (tunnel mode)?

Depends on the version. 3des-sha1 on older ones, aes-sha1 on newer ones.

> For example, I am using a very simple /etc/ipsec.conf file , like this:
> #/etc/ipsec.conf
> version	2.0
> config setup
> 	protostack="netkey"
> conn host-to-host
>  type=tunnel
>  authby=secret
>  left=
>  right=
>  auto=start

Just add esp=3des-sha1 and you know for sure.


More information about the Users mailing list