[strongSwan] Why the first IKE_INIT request message was encrypted?

2009-02-26 Thread

Hi all,

I used a pre-shared key to set up the IPsec tunnel.

When I used Wireshark to capture the IKE messages, I found that the first 
IKE_INIT request message was encrypted.

I feel confused; I think it should be sent in clear text. I found no answer 
in the IKEv2 RFC.

Any comment is appreciated.

 

Commands I ran:

ipsec start
ipsec up home

# ipsec.conf - strongSwan IPsec configuration file
config setup
        strictcrlpolicy=no
        plutostart=no

conn %default
        ikelifetime=60m
        keylife=20m
        rekeymargin=3m
        keyingtries=1
        authby=secret
        keyexchange=ikev2

conn home
        left=10.28.15.6
        left...@xx.org
        leftsourceip=10.3.0.1
        leftfirewall=yes
        right=10.28.15.2
        rightsubnet=137.117.15.0/24
        right...@xxx.org
        auto=add


Regards,

Alvin

 

attachment: IKE_INIT.jpg
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users


Re: [strongSwan] Why the first IKE_INIT request message was encrypted?

2009-02-26 Thread

And the interesting thing is that the second message, the IKE_INIT response, was 
sent in clear text.

Why was the IKE_INIT request message encrypted while the IKE_INIT response was 
sent in the clear?

 

Regards,

Alvin
 


From: kesheng...@msn.com
To: users@lists.strongswan.org
Subject: Why the first IKE_INIT request message was encrypted?
Date: Fri, 27 Feb 2009 07:14:22 +


