Wireshark · Wireshark-users: [Wireshark-users] ESP and unencrypted packets

Wireshark-users: [Wireshark-users] ESP and unencrypted packets

From: "no way" <my_no2_mail@xxxxxxxxxxx>

Date: Sun, 27 Aug 2006 03:10:49 +0000

I captured some traffic from a VPN tunnel, on the tunnelling end.
Apart from the ESP packets, some unencrypted packets also appear.

For example:

"1", "00:11:08.539409", "155.245.32.8", "155.245.32.10", "ESP", "ESP(SPI=0x595c35ec)""2", "00:11:08.539632", "155.245.32.10", "155.245.32.8", "ESP", "ESP(SPI=0x6d7ecf2c)""3", "00:11:08.539632", "192.168.1.2", "10.0.0.2", "TCP", "80 > 34480 [SYN,ACK] Seq=0 Ack=0 Win=5792 Len=0 MSS=1460 TSV=6521974 TSER=6522154 WS=2""4", "00:11:08.540078", "155.245.32.8", "155.245.32.10", "ESP", "ESP(SPI=0x595c35ec)"

I use 4 machines: two clients and two servers. The servers perform thetunnel. Each server comunicates with one client using a second ethernetcard. Thus no unencrypted packets should apear on the ethernet used for thetunneling.


What should I do?

Regards,

Ioannis Kalogridis

_________________________________________________________________

Be the first to hear what's new at MSN - sign up to our free newsletters!http://www.msn.co.uk/newsletters

Prev by Date: Re: [Wireshark-users] Does Wireshark work on Windows XP Tablet PC and/or XP Media Center?
Next by Date: [Wireshark-users] Fatal: Could not acquire crypto context from Windows.
Previous by thread: Re: [Wireshark-users] Why is default filter 'not tcp port 3389' ?
Next by thread: [Wireshark-users] Fatal: Could not acquire crypto context from Windows.
Index(es):
- Date
- Thread