[Openswan Users] Openswan with NETKEY and monitoring data
mdalton at princeton.edu
Wed Apr 6 11:34:02 EDT 2011
We have a point-to-point connection between two sites.
I am not seeing the data to the destination host.

192.168.1.0/25 -- Cisco VPN ---- (eth0)OpenSwan -- (eth2) virtual
(internal) (public IP) (public)

I am probably just missing something obvious. I would prefer
just seeing the traffic on the openswan box and directing the data
to the internet and back though and to the device. But I would
be willing to redirect the traffic through another box to the internet
and track the data there.

I just want to see traffic from the remote VPN clients that are
passed through the tunnel to the OpenSwan box.

tcpdump of ALL packets to each of the 192.168.1.* clients
so I can see patterns in the data (which ports were used,
how much data, and when).

We just see 'src 192.168.'; the other data we see is mostly
ESP --> OpenSwan (public IP)

# NAT the IP addresses (also tried no)
uniqueids = yes
# We don't have klips, and the klips build is failing
left= <openswan public IP>
right= <ext cisco public IP>