Ethereal-users: RE: [Ethereal-users] 0.99 ESP protocol preferences

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: "Chris Flory" <cflory@xxxxxxxxxxx>
Date: Mon, 12 Jun 2006 16:09:59 -0500
Ok, I see a problem, it appears I am limited to what I can use as an
encryption/algorithm option.

I am using ESP/MD5/HMAC-128 for my authenticaton, and 3DES-168 for
encryption on IPSec.  

ESP/HMAC-128 and 3DES-168 for ISAKMP.

I see this on the console when configuring my ESP protocol for 3DES-CBC:

<ESP Preferences> Error in Encryption Algorithm 3DES-CBC : Bad Keylen (64
Bits)

Obviously my options are not matching up to what I have on my VPN tunnel.
Not sure what to do here.  I really don't want to back off my tunnel to see
captures.  AES is an option I could move to, but it is not supported in my
hardware currently.  Any other ideas?? Suggestions?

Thanks again for your time and input!

-Chris



-----Original Message-----
From: ethereal-users-bounces@xxxxxxxxxxxx
[mailto:ethereal-users-bounces@xxxxxxxxxxxx] On Behalf Of Chris Flory
Sent: Monday, June 12, 2006 3:32 PM
To: 'Ethereal user support'
Subject: RE: [Ethereal-users] 0.99 ESP protocol preferences

Ok, you might have seen this question coming :)

I got it installed with the new features for ESP decrypt, but I am not sure
why I can't decrypt the capture.  Based on the information here:

http://wiki.ethereal.com/ESP_Preferences

I essentially just set my SPI and addresses to match any:

IPv4|*|*|*

I have my encryption and authentication algorithms set, and have the correct
encryption key.  However, one thing to note, I do NOT see 'Attempt to Check
ESP Authetication' check box.  I am not sure if this matters, but I only
have the two check box options above it (Null and ESP decode/decrypt)

I still see just ESP in the capture.  What am I missing?



-----Original Message-----
From: ethereal-users-bounces@xxxxxxxxxxxx
[mailto:ethereal-users-bounces@xxxxxxxxxxxx] On Behalf Of Joerg Mayer
Sent: Monday, June 12, 2006 10:57 AM
To: Ethereal user support
Subject: Re: [Ethereal-users] 0.99 ESP protocol preferences

On Sun, Jun 11, 2006 at 05:42:11PM +0200, Joerg Mayer wrote:
> This is, how it looks on my system (untested):
> 
> CFLAGS="-O3 -DHAVE_LIBCRYPT" ./configure --with-extra-gcc-checks .......
> 
> I think you need the CFLAGS="-DHAVE_LIBCRYPT" 

OK, tested, works for me. Please let me know about your results.

 Ciao
    Joerg
-- 
Joerg Mayer                                           <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users

_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users

_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users