D-Link DFL-260E User Manual for DFL-260E - Page 451
Explanation of Above Values, Step 6. Server ID Response
View all D-Link DFL-260E manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 451 highlights
9.4.5. Troubleshooting with ikesnoop Chapter 9. VPN Payload data length : 8 bytes Protocol ID : ISAKMP Notification : Initial contact Explanation of Above Values Flags: E means encryption (it is the only flag used). ID: Identification of the client The Notification field is given as Initial Contact to indicate this is not a re-key. Step 6. Server ID Response The server now responds with its own ID. IkeSnoop: Sending IKE packet to 192.168.0.10:500 Exchange type : Identity Protection (main mode) ISAKMP Version : 1.0 Flags : E (encryption) Cookies : 0x6098238b67d97ea6 -> 0x5e347cb76e95a Message ID : 0x00000000 Packet length : 60 bytes # payloads :2 Payloads: ID (Identification) Payload data length : 8 bytes ID : ipv4(any:0,[0..3]=192.168.10.20) HASH (Hash) Payload data length : 16 bytes Step 7. Client Sends a List of Supported IPsec Algorithms Now the client sends the list of supported IPsec algorithms to the server. It will also contain the proposed host/networks that are allowed in the tunnel. IkeSnoop: Received IKE packet from 192.168.0.10:500 Exchange type : Quick mode ISAKMP Version : 1.0 Flags : E (encryption) Cookies : 0x6098238b67d97ea6 -> 0x5e347cb76e95a Message ID : 0xaa71428f Packet length : 264 bytes # payloads :5 Payloads: HASH (Hash) Payload data length : 16 bytes SA (Security Association) Payload data length : 164 bytes DOI : 1 (IPsec DOI) Proposal 1/1 Protocol 1/1 Protocol ID : ESP SPI Size :4 SPI Value : 0x4c83cad2 Transform 1/4 Transform ID : Rijndael (aes) Key length : 128 Authentication algorithm : HMAC-MD5 451