I'm running Slackware 13.1 x86 and I compiled the latest svn of Shrew Soft and I'm using an IPsec service and when I connect to the VPN I see in ifconfig the tap0 adapter comes up but then when I run tcpdump it shows the traffic on eth0.
In ifconfig it shows the RX and TX as 0 for tap0 RX packets:0 TX packets:0 Here's some tcpdump out put and I changed out the IP to x-x-x-x.com and it does show the real ip ok... root@slackware:~# tcpdump tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 01:11:24.217504 IP 192.168.1.5.sae-urn > rrcs-x-x-x-x.com.sae-urn: NONESP-encap: isakmp: phase 2/others ? inf[E] 01:11:24.218770 IP 192.168.1.5.sae-urn > rrcs-x-x-x-x.com.sae-urn: UDP-encap: ESP(spi=0x4a477840,seq=0x424), length 116 01:11:24.325470 IP rrcs-x-x-x-x.com.sae-urn > 192.168.1.5.sae-urn: NONESP-encap: isakmp: phase 2/others ? inf[E] 01:11:24.367660 IP rrcs-x-x-x-x.com.sae-urn > 192.168.1.5.sae-urn: UDP-encap: ESP(spi=0x01288376,seq=0x49a), length 164 01:11:24.367660 IP google-public-dns-a.google.com.domain > 10.99.99.10.53267: 30644 1/0/0 (92) 01:11:24.368408 IP 192.168.1.5.sae-urn > rrcs-x-x-x-x.com.sae-urn: UDP-encap: ESP(spi=0x4a477840,seq=0x425), length 116 01:11:24.511263 IP rrcs-x-x-x-x.com.sae-urn > 192.168.1.5.sae-urn: UDP-encap: ESP(spi=0x01288376,seq=0x49b), length 116 01:11:24.511263 IP google-public-dns-a.google.com.domain > 10.99.99.10.53415: 48630 NXDomain 0/0/0 (42) 01:11:24.514384 IP 192.168.1.5.sae-urn > rrcs-x-x-x-x.com.sae-urn: UDP-encap: ESP(spi=0x4a477840,seq=0x426), length 116 01:11:24.659367 IP rrcs-x-x-x-xcom.sae-urn > 192.168.1.5.sae-urn: UDP-encap: ESP(spi=0x01288376,seq=0x49c), length 116 01:11:24.659367 IP google-public-dns-a.google.com.domain > 10.99.99.10.60948: 6907 NXDomain 0/0/0 (42) 01:11:24.659993 IP 192.168.1.5.sae-urn > x-x-x-x.com.sae-urn: UDP-encap: ESP(spi=0x4a477840,seq=0x427), length 116 01:11:24.807675 IP rrcs-x-x-x-x.com.sae-urn > 192.168.1.5.sae-urn: UDP-encap: ESP(spi=0x01288376,seq=0x49d), length 148 01:11:24.807675 IP google-public-dns-a.google.com.domain > 10.99.99.10.59340: 25544 1/0/0 (82) This is all I get for tap0 root@slackware:~# tcpdump -i tap0 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on tap0, link-type EN10MB (Ethernet), capture size 96 bytes So does anything go over tap0, if not why does tap0 come up when making a connection and all the traffic is being routed over the eth0? I thought the IPsec VPN was suppose to use the tap0 for the traffic? THANKS Das
_______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
