Hi Michalle, > there will be a plain text of ICMP echo request (which decrypyt the > orignial ESP packet from my implementation) in the network.
You didn't write on which host you captured the packets with Wireshark. If it was on the same host on which strongSwan was running then this behavior is normal. It is a quirk of the Linux kernel that for incoming traffic both the ESP packet and the decrypted payload are captured and that for outgoing traffic only encrypted ESP packets are visible. Regards, Tobias _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
