验证是否正在通过 IPSec 进行通信?
Verifying that a communication is happening over IPSec?
有没有一种方法可以测试两台主机之间的通信是否通过 IPSec 协议进行?
我有两个不同的主机 运行 OpenSource Peer2PeerVPN 解决方案。我有一台主机通过 net-cat 工具收听消息。
nc -v -l -p 9999
另一台主机通过 VPN 隧道连接到此
nc -v 192.168.188.2 9999
我想验证或检查通信是否确实通过 IPSec 协议进行。另外,我想查看 IPSec 协议的 Authentication 和 Encapsulation Headers 的值。
我试过 tcpdump 但我猜它只提供网络层之上的层的捕获 - 传输。
EDIT:
Based on a comment below I downloaded a sample pcap file to view how headers look in a IPSec communication. I see that these traces have ESP headers of the IPSec protocol.
However, when I try the same with the VPN Tool I'm using I don't see any packets with ESP header on the tcpdump. I was listening on the VPN interface (peervpn0) that the tool creates.
To check if this was a problem with the tool, I connected to a remote server to which I usually connect using VPN and sent some data via netcat to my machine from inside the remote-machine (I ssh'ed in). I listened for all packets on the VPN interface created by the Cisco VPN Tool (utun0) with filter esp
tcpdump -vvv -i utun0 esp
Still, I did not see any traces.
What am I missing here?
Should I listen on the default interface (my wifi interface) via which the VPN tunnel is created to see the ESP Headers?
Or have understood something wrong here?
谢谢
沙比尔
通过进一步阅读,我发现 PeerVPN 不通过 IPSec 进行通信,而是使用加密和通过底层接口将数据作为 UDP 负载发送。
我还看到许多 VPN 工具确实这样做,并且确实加密隧道接口数据包并在底层接口中通过 UDP 转发它们。此外,一些 VPN 解决方案有一个单独的选项来专门启用 IPSec 协议。
谢谢。
有没有一种方法可以测试两台主机之间的通信是否通过 IPSec 协议进行?
我有两个不同的主机 运行 OpenSource Peer2PeerVPN 解决方案。我有一台主机通过 net-cat 工具收听消息。
nc -v -l -p 9999
另一台主机通过 VPN 隧道连接到此
nc -v 192.168.188.2 9999
我想验证或检查通信是否确实通过 IPSec 协议进行。另外,我想查看 IPSec 协议的 Authentication 和 Encapsulation Headers 的值。
我试过 tcpdump 但我猜它只提供网络层之上的层的捕获 - 传输。
EDIT:
Based on a comment below I downloaded a sample pcap file to view how headers look in a IPSec communication. I see that these traces have ESP headers of the IPSec protocol.However, when I try the same with the VPN Tool I'm using I don't see any packets with ESP header on the tcpdump. I was listening on the VPN interface (peervpn0) that the tool creates.
To check if this was a problem with the tool, I connected to a remote server to which I usually connect using VPN and sent some data via netcat to my machine from inside the remote-machine (I ssh'ed in). I listened for all packets on the VPN interface created by the Cisco VPN Tool (utun0) with filter esp
tcpdump -vvv -i utun0 esp
Still, I did not see any traces.
What am I missing here?
Should I listen on the default interface (my wifi interface) via which the VPN tunnel is created to see the ESP Headers?
Or have understood something wrong here?
谢谢
沙比尔
通过进一步阅读,我发现 PeerVPN 不通过 IPSec 进行通信,而是使用加密和通过底层接口将数据作为 UDP 负载发送。
我还看到许多 VPN 工具确实这样做,并且确实加密隧道接口数据包并在底层接口中通过 UDP 转发它们。此外,一些 VPN 解决方案有一个单独的选项来专门启用 IPSec 协议。
谢谢。