
Wireshark-users: Re: [Wireshark-users] Help With EPS/ISAKMP - Email found in subject

From: Mark Jeffers <mantramark@xxxxxxxxx>
Date: Fri, 19 Jun 2009 09:24:50 -0400
Yeah, Martin might be on to something here.  I had a similar problem once and it was a silly mistake on my part where I had enabled NAT between the DMZ and the LAN.  It could cause the problem you're having. 
Give that a look.  If for some reason you need NAT between the zones, NAT-T would solve the problem.  Otherwise, shut NAT off. 
Cheers,
mj

On Wed, Jun 17, 2009 at 11:35 PM, Martin Visser <martinvisser99@xxxxxxxxx> wrote:
Umm, ESP is natively protocol 50 that runs on top of IP (like TCP or
UDP do). AH is also part of the IPSEC suite and is IP protocol 51.

IPSEC can also be implemented by encapsulating ESP inside UDP. This is
often used for communicating on an ad hoc basis through firewalls - it
is called NAT traversal or NAT-T.

Be aware that many firewalls are IPSEC aware and may need to have
IPSEC fixups (basically protocol hacks) to be enabled.

Regards, Martin

MartinVisser99@xxxxxxxxx



On Thu, Jun 18, 2009 at 7:41 AM, Robert D. Scott<robert@xxxxxxx> wrote:
> IP is !ESP.  Permit ESP as well.
>
> Robert D. Scott                 Robert@xxxxxxx
> Senior Network Engineer         352-273-0113 Phone
> CNS - Network Services          352-392-2061 CNS Phone Tree
> University of Florida           352-392-9440 FAX
> Florida Lambda Rail             352-294-3571 FLR NOC
> Gainesville, FL  32611          321-663-0421 Cell
>
>
> -----Original Message-----
> From: wireshark-users-bounces@xxxxxxxxxxxxx
> [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Josue Del Valle
> Sent: Wednesday, June 17, 2009 4:41 PM
> To: Community support list for Wireshark
> Subject: Re: [Wireshark-users] Help With EPS/ISAKMP - Email found in subject
>
> Hi,
>
> Thanks for replying.
>
> I was just shown the ACLs and for troubleshooting purposes, IP, UDP and
> TCP have been allowed from ANY interface in the DMZ to ANY interface on
> the trusted network.  Is there anything else that could be causing this?
>
>
> -----Original Message-----
> From: Robert D. Scott [mailto:robert@xxxxxxx]
> Sent: 2009-06-17 4:20 PM
> To: 'Community support list for Wireshark'
> Subject: [SPAM] - Re: [Wireshark-users] Help With EPS/ISAKMP - Email found in subject
>
> Sounds like an ACL or firewall between the DMZ and the other network
> dropping ESP.
>
> Robert D. Scott                 Robert@xxxxxxx
> Senior Network Engineer         352-273-0113 Phone
> CNS - Network Services          352-392-2061 CNS Phone Tree
> University of Florida           352-392-9440 FAX
> Florida Lambda Rail             352-294-3571 FLR NOC
> Gainesville, FL  32611          321-663-0421 Cell
>
>
> -----Original Message-----
> From: wireshark-users-bounces@xxxxxxxxxxxxx
> [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Josue Del Valle
> Sent: Wednesday, June 17, 2009 4:16 PM
> To: wireshark-users@xxxxxxxxxxxxx
> Subject: [Wireshark-users] Help With EPS/ISAKMP
>
> Hi,
>
>
>
> I was hoping someone could help me with this issue.  I have configured
> IPSec on two Windows 2003 servers using certificates as the
> authentication.  If I run Wireshark from one of the servers while having
> both servers on the same network, I can see a bunch of ESP, which
> indicates to me that the traffic is encrypted between the two servers.
> If I move one of the servers to another network (DMZ) and try to
> communicate with the server located on the trusted network, I can't,
> and instead of getting ESP packets all I see is ISAKMP packets.  I have
> not changed anything on the IPsec except the IP for the server that has
> been moved to the DMZ.  The trusted network has a 192.168.10.X subnet
> and the one on the DMZ is 192.168.20.X.
>
>
>
> If I remove IPSec I can communicate from the DMZ to the LAN as intended,
> which indicates routing on the firewall is working fine.  I know it is
> kind of confusing, but I'm trying to figure out why Wireshark shows ESP
> packets when the server is on the LAN and ISAKMP packets when the server
> is moved to the DMZ.
>
>
>
> Thanks,
>
>
>
> Josue
>
>
>
>
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>              mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
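As an added example (not code from this thread, nor from the Wireshark project), the following Python script applies the reasoning the replies above use when reading a capture: ISAKMP/IKE on UDP/500, ESP as IP protocol 50, AH as IP protocol 51, and NAT-T on UDP/4500, where IKE is told apart from UDP-encapsulated ESP by the four zero bytes of the RFC 3948 non-ESP marker (an ESP packet starts with its SPI, which is never zero). It builds three constructed captures (addresses in the 192.168.10.x and 192.168.20.x subnets from the question; packet bodies are placeholders) and reports whether the mix looks like a working tunnel, a tunnel whose IKE completes but whose ESP never arrives, or a NAT-T tunnel. The packet builders, the label names and the verdict strings are my own assumptions, not anything the thread defines.

```python
import struct
from collections import Counter

# IANA IP protocol numbers and well-known UDP ports used by IPsec
IPPROTO_UDP = 17
IPPROTO_ESP = 50      # Encapsulating Security Payload (the encrypted data traffic)
IPPROTO_AH = 51       # Authentication Header
IKE_PORT = 500        # ISAKMP / IKE key negotiation
NAT_T_PORT = 4500     # UDP-encapsulated ESP and IKE (NAT-T, RFC 3948)


def ipv4_packet(src, dst, proto, payload):
    """Build a minimal IPv4 packet around payload (constructed data; checksum left zero)."""
    header = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
        bytes(int(o) for o in src.split(".")),
        bytes(int(o) for o in dst.split(".")),
    )
    return header + payload


def udp_datagram(sport, dport, payload):
    """Build a UDP datagram (checksum left zero)."""
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


def classify(packet):
    """Label the IPsec-relevant traffic type carried by one raw IPv4 packet."""
    ihl = (packet[0] & 0x0F) * 4
    proto = packet[9]
    l4 = packet[ihl:]
    if proto == IPPROTO_ESP:
        return "ESP"
    if proto == IPPROTO_AH:
        return "AH"
    if proto == IPPROTO_UDP and len(l4) >= 8:
        sport, dport = struct.unpack("!HH", l4[:4])
        body = l4[8:]
        if IKE_PORT in (sport, dport):
            return "ISAKMP"
        if NAT_T_PORT in (sport, dport):
            # RFC 3948: IKE on port 4500 starts with a 4-byte zero non-ESP marker;
            # UDP-encapsulated ESP starts with its SPI, which is never zero.
            if body[:4] == b"\x00\x00\x00\x00":
                return "ISAKMP (NAT-T)"
            return "ESP (UDP-encapsulated)"
    return "other"


def diagnose(packets):
    """Count traffic types and say what the mix implies about the IPsec tunnel."""
    counts = Counter(classify(p) for p in packets)
    data = counts["ESP"] + counts["AH"] + counts["ESP (UDP-encapsulated)"]
    ike = counts["ISAKMP"] + counts["ISAKMP (NAT-T)"]
    if data:
        verdict = "ok: IPsec data traffic (ESP/AH) is flowing"
    elif ike:
        verdict = ("no ESP/AH seen after IKE: check that IP protocol 50 (and 51) is "
                   "permitted between the zones and that no NAT rewrites the "
                   "addresses; with NAT, switch to NAT-T (UDP/4500)")
    else:
        verdict = "no IPsec traffic seen"
    return dict(counts), verdict


# --- constructed sample captures (placeholder bodies, not real traffic) -------
LAN_A, LAN_B, DMZ = "192.168.10.5", "192.168.10.6", "192.168.20.5"
IKE_BODY = b"\x11" * 28                                              # stand-in ISAKMP header
ESP_BODY = b"\x00\x00\x12\x34" + b"\x00\x00\x00\x01" + b"\xaa" * 32  # SPI, seq, ciphertext

# Both servers on the LAN: IKE completes and ESP follows
SAME_NETWORK_CAPTURE = (
    [ipv4_packet(LAN_A, LAN_B, IPPROTO_UDP, udp_datagram(IKE_PORT, IKE_PORT, IKE_BODY))] * 2
    + [ipv4_packet(LAN_A, LAN_B, IPPROTO_ESP, ESP_BODY)] * 5
)
# One server moved to the DMZ: only IKE retransmissions are seen
DMZ_CAPTURE = [ipv4_packet(LAN_A, DMZ, IPPROTO_UDP,
                           udp_datagram(IKE_PORT, IKE_PORT, IKE_BODY))] * 6
# NAT between the zones with NAT-T enabled: everything rides on UDP/4500
NAT_T_CAPTURE = (
    [ipv4_packet(LAN_A, DMZ, IPPROTO_UDP,
                 udp_datagram(NAT_T_PORT, NAT_T_PORT, b"\x00\x00\x00\x00" + IKE_BODY))]
    + [ipv4_packet(LAN_A, DMZ, IPPROTO_UDP, udp_datagram(NAT_T_PORT, NAT_T_PORT, ESP_BODY))] * 3
)

if __name__ == "__main__":
    for name, capture in [("same network", SAME_NETWORK_CAPTURE),
                          ("DMZ", DMZ_CAPTURE), ("NAT-T", NAT_T_CAPTURE)]:
        counts, verdict = diagnose(capture)
        print(f"{name}: {counts} -> {verdict}")
```

On a real capture the same split is what the Wireshark display filter `isakmp || esp || ah` shows: repeated ISAKMP exchanges with no ESP behind them is the signature of a data path that is blocked (protocol 50 not permitted) or broken by address rewriting (NAT without NAT-T), which is exactly the pattern described in the question.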