
Wireshark-users: [Wireshark-users] ESP and unencrypted packets

From: "no way" <my_no2_mail@xxxxxxxxxxx>
Date: Sun, 27 Aug 2006 03:10:49 +0000
I captured some traffic from a VPN tunnel, on the tunnelling end.
Apart from the ESP packets, some unencrypted packets also appear.

For example:

"1", "00:11:08.539409", "155.245.32.8", "155.245.32.10", "ESP", "ESP (SPI=0x595c35ec)"
"2", "00:11:08.539632", "155.245.32.10", "155.245.32.8", "ESP", "ESP (SPI=0x6d7ecf2c)"
"3", "00:11:08.539632", "192.168.1.2", "10.0.0.2", "TCP", "80 > 34480 [SYN, ACK] Seq=0 Ack=0 Win=5792 Len=0 MSS=1460 TSV=6521974 TSER=6522154 WS=2"
"4", "00:11:08.540078", "155.245.32.8", "155.245.32.10", "ESP", "ESP (SPI=0x595c35ec)"

I use 4 machines: two clients and two servers. The servers perform the tunnel. Each server communicates with one client using a second ethernet card. Thus no unencrypted packets should appear on the ethernet used for the tunneling.

What should I do?

Regards,

Ioannis Kalogridis
