Hi Martin, It worked. Thanks for your great help! Best Regards, Jessie
--- 10/8/10 (二),Martin Willi <[email protected]> 寫道: 寄件者: Martin Willi <[email protected]> 主旨: Re: [strongSwan] Decryption of ESP packets with Wireshark 收件者: "Jessie Liu" <[email protected]> 副本: [email protected] 日期: 2010年8月10日,二,下午7:30 Hi Jessie, > Is it correct to fill the two fields with CK and IK? If you are referring to the encryption and integrity keys CK/IK from EAP-AKA authentication, definitely not. > If not, what should I fill out to get ESP packets decrypted? IKE uses a Diffie-Hellman exchange to derive keys used for IKE and ESP with perfect forward secrecy. You can increase the debug level of the IKE daemon to log the key derivation process. But it is probably simpler to use the "ip" utility to extract the keys from the kernel. Try "ip xfrm state". Regards Martin
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
