Wireshark-users: Re: [Wireshark-users] Help With EPS/ISAKMP - Email found in subject

From: "Josue Del Valle" <jodelvalle@xxxxxxxxxxxxxxx>
Date: Wed, 17 Jun 2009 16:40:46 -0400
Hi,

Thanks for replying.

I was just shown the ACLs and for troubleshooting purposes, IP, UDP and
TCP have been allowed from ANY interface in the DMZ to ANY interface on
the trusted network.  Is there anything else that could be causing this?


-----Original Message-----
From: Robert D. Scott [mailto:robert@xxxxxxx] 
Sent: 2009-06-17 4:20 PM
To: 'Community support list for Wireshark'
Subject: [SPAM] - Re: [Wireshark-users] Help With EPS/ISAKMP - Email found in subject

Sounds like an ACL or firewall between the DMZ and the other network
dropping ESP.

Robert D. Scott                 Robert@xxxxxxx
Senior Network Engineer         352-273-0113 Phone
CNS - Network Services          352-392-2061 CNS Phone Tree
University of Florida           352-392-9440 FAX
Florida Lambda Rail             352-294-3571 FLR NOC
Gainesville, FL  32611          321-663-0421 Cell


-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Josue Del Valle
Sent: Wednesday, June 17, 2009 4:16 PM
To: wireshark-users@xxxxxxxxxxxxx
Subject: [Wireshark-users] Help With EPS/ISAKMP

Hi,

I was hoping someone could help me with this issue.  I have configured
IPSec on two Windows 2003 servers using certificates as the
authentication.  If I run Wireshark from one of the servers while having
both servers on the same network, I can see a bunch of ESP, which
indicates to me that the traffic is encrypted between the two servers.
If I move one of the servers to another network (DMZ) and try to
communicate with the server located on the trusted network, I can't, and
instead of getting ESP packets all I see is ISAKMP packets.  I have not
changed anything on the IPsec except the IP for the server that has been
moved to the DMZ.  The trusted network has a 192.168.10.X subnet and the
one on the DMZ is 192.168.20.X.

If I remove IPSec I can communicate from the DMZ to the LAN as intended,
which indicates routing on the firewall is working fine.  I know it is
kind of confusing, but I'm trying to figure out why Wireshark shows ESP
packets when the server is on the LAN and ISAKMP packets when the server
is moved to the DMZ.

Thanks,

Josue

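Added example, not part of the thread and not written by any participant: a small Python triage of a capture like the ones described above. It labels each packet as ISAKMP (UDP 500, or UDP 4500 with the non-ESP marker) or ESP (IP protocol 50, or UDP-encapsulated on 4500) and reports which directions were seen. The host addresses, packet payloads and result labels are constructed for illustration.

```python
import struct
from collections import Counter
def classify(pkt: bytes) -> str:
    """Label one raw IPv4 packet as ESP, ISAKMP or other."""
    ihl = (pkt[0] & 0x0F) * 4                  # IPv4 header length in bytes
    if pkt[9] == 50:                           # ESP is IP protocol 50, not TCP/UDP
        return "ESP"
    if pkt[9] == 17 and len(pkt) >= ihl + 8:   # UDP
        sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
        data = pkt[ihl + 8:]
        if 500 in (sport, dport):
            return "ISAKMP"
        if 4500 in (sport, dport) and data != b"\xff":   # skip NAT-T keepalive
            # NAT-T: four zero bytes (non-ESP marker) mean IKE, anything else ESP
            return "ISAKMP" if data[:4] == b"\x00" * 4 else "ESP"
    return "other"

def triage(packets, local_ip: str) -> str:
    """Summarise a capture taken on local_ip by protocol and direction."""
    seen = Counter()
    for pkt in packets:
        src = ".".join(str(b) for b in pkt[12:16])
        seen[classify(pkt), "out" if src == local_ip else "in"] += 1
    if seen["ESP", "out"] and seen["ESP", "in"]:
        return "esp-both-ways"      # SAs are up and protected traffic flows
    if seen["ESP", "out"] or seen["ESP", "in"]:
        return "esp-one-way"        # check filtering of protocol 50 / UDP 4500
    if seen["ISAKMP", "out"] and seen["ISAKMP", "in"]:
        return "ike-only"           # peers talk, but negotiation never yields ESP
    if seen["ISAKMP", "out"] or seen["ISAKMP", "in"]:
        return "ike-unanswered"     # check filtering of UDP 500, or a silent peer
    return "no-ipsec"

# --- constructed sample packets (addresses and payloads are made up) ---
def ipv4(src, dst, proto, payload=b""):
    addr = lambda a: bytes(int(x) for x in a.split("."))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                       64, proto, 0, addr(src), addr(dst)) + payload

def udp(sport, dport, data=b""):
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data

A, B = "192.168.20.10", "192.168.10.10"
WORKING = [ipv4(A, B, 17, udp(500, 500, b"\x01" * 28)),
           ipv4(B, A, 17, udp(500, 500, b"\x01" * 28)),
           ipv4(A, B, 50, b"\x00\x00\x10\x01" + b"\x00" * 16),
           ipv4(B, A, 50, b"\x00\x00\x20\x02" + b"\x00" * 16)]
ISAKMP_ONLY = WORKING[:2] * 3       # repeated IKE exchanges, never any ESP
print(triage(WORKING, A), triage(ISAKMP_ONLY, A))
```

The direction split is what separates "IKE never completes" from "ESP is sent but filtered on the path", which a plain protocol count in the capture does not show.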