[Openswan Users] Tunnel established but can't ssh or ping
Durwin
thecajun at nmia.com
Thu Feb 21 17:08:43 EST 2013
> Am 21.02.2013 19:27, schrieb Durwin:
> > I use netkey. How do I check for out going ESP packet?
>
> tcpdump -n -i eth0 host <peer-ip>
>
15:03:46.420405 IP bayou.acadia.land.ssh > caiman.acadia.land.63827: Flags [P.], seq 1166146839:1166146887, ack 1383081796, win 217, length 48
15:03:46.420645 IP caiman.acadia.land.63827 > bayou.acadia.land.ssh: Flags [.], ack 48, win 65439, length 0
15:03:46.420713 IP bayou.acadia.land.ssh > caiman.acadia.land.63827: Flags [P.], seq 48:160, ack 1, win 217, length 112
15:03:46.420927 IP bayou.acadia.land.ssh > caiman.acadia.land.63827: Flags [P.], seq 160:208, ack 1, win 217, length 48
15:03:46.421119 IP caiman.acadia.land.63827 > bayou.acadia.land.ssh: Flags [.], ack 208, win 65279, length 0
15:03:47.031578 IP mailserver.mydomain.com.isakmp > bayou.acadia.land.isakmp: isakmp: phase 2/others ? inf[E]
15:03:47.032189 IP bayou.acadia.land.isakmp > mailserver.mydomain.com.isakmp: isakmp: phase 2/others ? inf[E]
15:03:47.138458 IP bayou.acadia.land > mailserver.mydomain.com: ESP(spi=0x0dfa0e9b,seq=0x3), length 116
15:03:47.455587 IP mailserver.mydomain.com.isakmp > bayou.acadia.land.isakmp: isakmp: phase 2/others ? inf[E]
15:03:47.456165 IP bayou.acadia.land.isakmp > mailserver.mydomain.com.isakmp: isakmp: phase 2/others ? inf[E]
15:03:48.138482 IP bayou.acadia.land > mailserver.mydomain.com: ESP(spi=0x0dfa0e9b,seq=0x4), length 116
15:03:48.396022 IP caiman.acadia.land.63827 > bayou.acadia.land.ssh: Flags [P.], seq 1:49, ack 208, win 65279, length 48
> -- www.muenz-it.de
> - Cisco, Linux, Networks
Durwin F. De La Rue <thecajun at nmia.com>
--
reality.sys corrupted. universe halted. reboot (y/n)?
More information about the Users
mailing list