Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    *FIXED* IPSec site-to-site transport mode GRE verification

    IPsec
    1
    1
    756
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mrleerkotte last edited by

      ~~Hello everyone,

      I've got a question regarding IPSec transport mode and GRE interfaces.

      If i understand correctly when i configure IPSec transport mode between two sites the traffic moving between the two addresses is automatically encrypted.
      Is there a way i can verify this? When dumping the enc0 interface i do not see any traffic and when dumping the WAN interface i see plain text OSPF messages from my Quagga instance that is running between the sites.

      I hope i have provided enough info.

      Thanks in advance,

      Marlon~~


      I seem to have fixed the problem, i'm not quite sure what fixed it. I changed two things, i changed the hostnames in my phase 1 entry to ip's and i disabled PFS on phase 2. After that i re-enabled PFS on Phase 2 and it still worked. I verified this by dumping my WAN and enc0 interface. If anyone has the same problem and can't figure it out i'd be willing to help out.

      Marlon

      1 Reply Last reply Reply Quote 0
      • First post
        Last post