[Openswan Users] Decrypt ESP packets with wireshark for tunnel mode (Openswan)

Kevin Wilson wkevils at gmail.com
Sat Nov 13 15:08:30 EST 2010


Hi,
Thanks a lot!
Kevin


On Sat, Nov 13, 2010 at 6:51 PM, Paul Wouters <paul at xelerance.com> wrote:
> On Sat, 13 Nov 2010, Kevin Wilson wrote:
>
>> Hi,
>> This is my last question for the next month , promise :-)
>>
>> In fact, I would appreciate if someone can answer this simple question
>> which can save me wasted efforts:  what is the default algorithm used
>> with ESP with Openswan (tunnel mode)?
>
> Depends on the version. 3des-sha1 on older ones, aes-sha1 on newer ones.
>
>> For example, I am using a very simple /etc/ipsec.conf file , like this:
>> #/etc/ipsec.conf
>> version 2.0
>>
>> config setup
>>        protostack="netkey"
>> conn host-to-host
>>  type=tunnel
>>  authby=secret
>>  left=192.168.1.196
>>  right=192.168.1.12
>>  auto=start
>
> Just add esp=3des-sha1 and you know for sure.
>
> Paul
>


More information about the Users mailing list