D-Link DFL-260E User Manual page 425

Network security firewall netdefendos version 2.27.03
Hide thumbs Also See for DFL-260E:
Table of Contents

Advertisement

9.4.5. Troubleshooting with ikesnoop
Step 6. Server ID Response
The server now responds with its own ID.
IkeSnoop: Sending IKE packet to 192.168.0.10:500 Exchange type :
Identity Protection (main mode) ISAKMP Version : 1.0
Flags
Cookies
Message ID
Packet length
# payloads
Payloads:
ID (Identification)
Payload data length : 8 bytes
ID : ipv4(any:0,[0..3]=192.168.10.20)
HASH (Hash)
Payload data length : 16 bytes
Step 7. Client Sends a List of Supported IPsec Algorithms
Now the client sends the list of supported IPsec algorithms to the server. It will also contain the
proposed host/networks that are allowed in the tunnel.
IkeSnoop: Received IKE packet from 192.168.0.10:500 Exchange type :
Quick mode ISAKMP Version : 1.0
Flags
Cookies
Message ID
Packet length
# payloads
Payloads:
HASH (Hash)
Payload data length : 16 bytes
SA (Security Association)
Payload data length : 164 bytes
DOI : 1 (IPsec DOI)
Proposal 1/1
Protocol 1/1
: E (encryption)
: 0x6098238b67d97ea6 -> 0x5e347cb76e95a
: 0x00000000
: 60 bytes
: 2
: E (encryption)
: 0x6098238b67d97ea6 -> 0x5e347cb76e95a
: 0xaa71428f
: 264 bytes
: 5
Protocol ID
SPI Size
SPI Value
Transform 1/4
Transform ID
Key length
Authentication algorithm : HMAC-MD5
SA life type
SA life duration
SA life type
SA life duration
Encapsulation mode
Transform 2/4
Transform ID
Key length
Authentication algorithm : HMAC-SHA-1
SA life type
SA life duration
SA life type
SA life duration
Encapsulation mode
Transform 3/4
Transform ID
: ESP
: 4
: 0x4c83cad2
: Rijndael (aes)
: 128
: Seconds
: 21600
: Kilobytes
: 50000
: Tunnel
: Rijndael (aes)
: 128
: Seconds
: 21600
: Kilobytes
: 50000
: Tunnel
: Blowfish
425
Chapter 9. VPN

Hide quick links:

Advertisement

Table of Contents
loading

Table of Contents