Dale Shaw <dale.shaw+cisco-...@gmail.com> writes: > It's been years since I was armpit deep in IPSec but I am assuming the > encryption key it wants is NOT the ISAKMP pre-shared key.
Nope, it wants the session key used for that particular session. This can be hard to get, depending on which platforms the IPSEC end points are. For Linux you can get the keys with ip xfrm state. /Benny _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/