Hi, I am using an application which is checking the ipsec stack on ubuntu. Now When strongswan sends a Informational Delete request my application sends the response. But when my application sends an encrypted packet using that CHILD_SA to verify the deletion Strongswan send the message back.Where as my application expects strongswan not to send the message.
Can anybody please tell me what is the issue here? Informational respose:- ETHER: ---- Ethernet Header ---- ETHER: ETHER: Destination = 00:0F:FE:6F:39:28 ETHER: Source = 00:10:18:B1:40:63 ETHER: Type = 0x0800 (DOD IP) ETHER: IP: ---- IP Packet ---- IP: IP: Version = 4 IP: Internet Header Length = 5 (20 bytes) IP: Type Of Service = 0x00 IP: |01234567 IP: |000..... = Precedence (Routine) IP: |...0.... = Normal Delay IP: |....0... = Normal Throughput IP: |.....0.. = Normal Reliability IP: |......0. = Normal Monetary Cost IP: |.......0 = Must Be Zero IP: Total Length = 88 bytes IP: Identification = 0x0005 (5) IP: Flags = 0 IP: |012 IP: |0.. = Reserved IP: |.0. = May Fragment IP: |..0 = Last Fragment IP: Fragment Offset = 0x0000 (0 bytes) IP: Time to Live = 64 IP: Protocol = UDP (17) IP: Header Checksum = 0x6449 (Correct) IP: Source Address = 10.1.1.50 IP: Destination Address = 10.1.1.20 ------------------------------------------------->strongswan's ip IP: UDP: ---- UDP Packet ---- UDP: UDP: Source Port = 500 (500) UDP: Destination Port = 500 (500) UDP: Length = 68 UDP: Checksum = 0x0000 UDP: IKEV2: IKEV2: ---- IKEV2 HEADER ---- IKEV2: --- Initiator SPI [8 bytes] --- IKEV2: 00 00 16 AF 00 00 16 AF ........ IKEV2: --- Initiator SPI End --- IKEV2: IKEV2: --- Responder SPI [8 bytes] --- IKEV2: 4B 4F 7E A7 EE 52 DD 1A KO~..R.. IKEV2: --- Responder SPI End --- IKEV2: IKEV2: Next Payload = Encrypted Payload IKEV2: Major Version = 2 IKEV2: Minor Version = 0 IKEV2: Exchange Type = 37 (Informational Exchange) IKEV2: Flags = 0x28 (40) IKEV2: |01234567 IKEV2: |000..... = Reserved Bits IKEV2: |...1.... = Initiator IKEV2: |....0... = Version Bit is Not Set IKEV2: |.....1.. = Response IKEV2: |......00 = Reserved Bits IKEV2: Message Id = 0x1 IKEV2: Length = 60 bytes IKEV2: IKEV2: ---- IKEV2 Encrypted Payload ---- IKEV2: IKEV2: Next Payload = Payload NONE IKEV2: Critical Payload = 0 IKEV2: RESERVED = 0 IKEV2: Payload Length = 32 bytes IKEV2: --- IV Data [8 bytes] --- IKEV2: 23 7C 52 01 1E B7 65 99 #|R...e. IKEV2: --- IV Data End --- IKEV2: Padding Length = 7 IKEV2: --- Padding Data [7 bytes] --- IKEV2: 01 02 03 04 05 06 07 ....... IKEV2: --- Padding Data End --- IKEV2: --- Auth Data [12 bytes] --- IKEV2: 9C 14 87 08 1F 5F A8 E1 46 4E 30 1A ....._..FN0. IKEV2: --- Auth Data End --- IKEV2: ---- End IKEV2 Encrypted Payload ---- IKEV2: Thanks in advance. Regards Avishek
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
