[ProgSoc] Getting ipsec-tools to work between Ubuntu Lucid hosts

Justin Steward althalus87 at gmail.com
Fri Jul 29 08:35:24 EST 2011


John,
Assumed you were tunnelling. My experiences won't do you much good, since
you are using transport mode, sorry.

-justin
On Jul 29, 2011 8:27 AM, "Nigel Sheridan-Smith" <wtfiwtz at gmail.com> wrote:
> On Fri, Jul 29, 2011 at 8:15 AM, Nigel Sheridan-Smith <wtfiwtz at gmail.com> wrote:
>
>>
>>
>> On Fri, Jul 29, 2011 at 8:08 AM, Nigel Sheridan-Smith <wtfiwtz at gmail.com> wrote:
>>
>>>
>>> Could be MSS / MTU related, if small packets get through, but large ones
>>> do not...
>>>
>>> http://en.wikipedia.org/wiki/Maximum_segment_size
>>> http://en.wikipedia.org/wiki/Maximum_transmission_unit
>>>
>>>
>>>
>> What interfaces are present? ifconfig -a?
>>
>> Tunnels like this should normally start a new interface... sorry I've not
>> used IPSec on Linux specifically, so I'm not 100% sure what you should
>> see.
>>
>>
> Okay I'm probably confusing you more... you are using transport mode, not
> tunnel mode. Tunnel mode is likely to introduce new network interfaces and
> alter the route table, whereas transport mode probably doesn't need this
> since the decision would be made in the kernel.
>
> I don't think the transport is working, because you should see unencrypted
> packets in tcpdump on each end.
>
> This page below has a bit more detail, although still no specifics on
> diagnosis.
>
> http://lartc.org/howto/lartc.ipsec.html#LARTC.IPSEC.INTRO
>
> Cheers,
>
> Nigel