D-Link DFL-260-IPS-12 Product Manual - Page 419
Step 6. Server ID Response, Step 7. Client Sends a List of Supported IPsec Algorithms
View all D-Link DFL-260-IPS-12 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 419 highlights
9.4.5. Troubleshooting with ikesnoop Chapter 9. VPN Step 6. Server ID Response The server now responds with its own ID. IkeSnoop: Sending IKE packet to 192.168.0.10:500 Exchange type : Identity Protection (main mode) ISAKMP Version : 1.0 Flags : E (encryption) Cookies : 0x6098238b67d97ea6 -> 0x5e347cb76e95a Message ID : 0x00000000 Packet length : 60 bytes # payloads :2 Payloads: ID (Identification) Payload data length : 8 bytes ID : ipv4(any:0,[0..3]=192.168.10.20) HASH (Hash) Payload data length : 16 bytes Step 7. Client Sends a List of Supported IPsec Algorithms Now the client sends the list of supported IPsec algorithms to the server. It will also contain the proposed host/networks that are allowed in the tunnel. IkeSnoop: Received IKE packet from 192.168.0.10:500 Exchange type : Quick mode ISAKMP Version : 1.0 Flags : E (encryption) Cookies : 0x6098238b67d97ea6 -> 0x5e347cb76e95a Message ID : 0xaa71428f Packet length : 264 bytes # payloads :5 Payloads: HASH (Hash) Payload data length : 16 bytes SA (Security Association) Payload data length : 164 bytes DOI : 1 (IPsec DOI) Proposal 1/1 Protocol 1/1 Protocol ID : ESP SPI Size :4 SPI Value : 0x4c83cad2 Transform 1/4 Transform ID : Rijndael (aes) Key length : 128 Authentication algorithm : HMAC-MD5 SA life type : Seconds SA life duration : 21600 SA life type : Kilobytes SA life duration : 50000 Encapsulation mode : Tunnel Transform 2/4 Transform ID : Rijndael (aes) Key length : 128 Authentication algorithm : HMAC-SHA-1 SA life type : Seconds SA life duration : 21600 SA life type : Kilobytes SA life duration : 50000 Encapsulation mode : Tunnel Transform 3/4 Transform ID : Blowfish 419