[Openswan Users] OpenSwan - Tunnel Traffic Monitoring

Patrick Naubert patrickn at xelerance.com
Wed May 7 15:27:23 EDT 2014

Rescued from the Spam bucket.  Please remember to subscribe to the mailing list before posting to it.

From: David jones <david at proficienthealth.com>
Subject: Re: [Openswan Users] OpenSwan - Tunnel Traffic Monitoring
Date: May 7, 2014 at 3:25:05 PM EDT
To: Pizu <pizpower at gmail.com>
Cc: users at lists.openswan.org


I probably won’t be much help but maybe I can provoke a more intelligent response from the group since I am very new to OpenSwan.

But I typically run these commands…

This will tell you what connections are established between gateways
ipsec auto —status | grep  "IPsec SA established"

Search for information about connections attempts
grep “connection name” /var/log/auth.log

I think you could use tcpdump to watch the traffic flow 
tcpdump -i eth0 -n -p ip host

What is it that you want to monitor because by design the data is encrypted anyway?



On May 7, 2014, at 11:24 AM, Pizu <pizpower at gmail.com> wrote:

> Hi,
> Is it possible to monitor all the traffic passing from each tunnel?
> Regards,
> David
> _______________________________________________
> Users at lists.openswan.org
> https://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

David Jones

Proficient Health
301 South Elm Street, Suite 905
Greensboro, NC 27401

phone: 336-389-6600 x713
fax: (877) 506-8443 
skype: djonesax
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20140507/128744c3/attachment.html>

More information about the Users mailing list