Login or Register to Ask a Question and Join Our Community


Cybersecurity

Problem while establishing ISAKMP in ipsec

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Problem while establishing ISAKMP in ipsec
# 1  
Old 04-29-2008
Problem while establishing ISAKMP in ipsec
Hi,
I am facing problem while setting up ISAKMP between two hosts.
I can see only the Initiator messages but no responder messages in tcpdump. Does anyone know the cause of this behaviour?

FYI, here is the extracted information from tcpdump :
14:47:08.699113 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:08.699120 IP 10.118.231.130 > 10.118.231.143: icmp 164: 10.118.231.130 udp port isakmp unreachable
14:47:28.610347 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:28.610353 IP 10.118.231.130 > 10.118.231.143: icmp 164: 10.118.231.130 udp port isakmp unreachable
14:47:53.540184 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:53.583540 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:53.626519 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident[E]
14:47:53.661367 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 2/others I oakley-quick[E]
14:47:53.705619 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 2/others I oakley-quick[E]

Regards
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Solaris

Establishing connectivity between two servers

I am trying to establish passwordless connectivity between server A and server B, but unsuccessfuly, because I beleive two issues. the first one is that on both servers, it is not possible to use root to login, it only allows to connect using a user (any) them su - root, which in turns I am able... (1 Reply)
Discussion started by: fretagi
1 Replies

2. UNIX for Beginners Questions & Answers

Sftp connection not establishing from Linux to DataPower

Hi Everyone, I am trying to send files from Linux to DataPower server using public key based authentication but it's not working as expected and every-time password expecting for sftp transfer. Can someone please help on this? Steps I fallowed: Created keys pair at source server... (4 Replies)
Discussion started by: renukeswar
4 Replies

3. Red Hat

Samba Server not accessible after establishing iptables rules

Hi All, If I disable the iptables on the server then I can use the command mount -t cifs //192.168.122.21/sharedata tmpdata -o username=smbuser4,password=1234 If I enable the iptables. However I have use the commands on server iptables -A INPUT -m state --state NEW -m udp -p udp --dport... (1 Reply)
Discussion started by: joj123
1 Replies

4. Shell Programming and Scripting

Establishing remote connection to a Xserver from a UNIX Box

Hello Guys , I have been working on a script where we are looking to connect a remote Xserver from a Unix box. Once a connection is made , i need to run several commands on remote machine to check various stuffs. As per my knowledge on unix (which is like a drop in ocean) , i found SSH as a... (7 Replies)
Discussion started by: himanshu sood
7 Replies

5. Cybersecurity

IPSEC

hello, after configuration ipsec in ip4 I can not ping between client and server whereas I had success ping before configuration! I also generate different key for AH and ESP as i have shown below. what is my problem and what should i do to have ping and test the configuration? code: ... (0 Replies)
Discussion started by: elinaz
0 Replies

6. Ubuntu

establishing connection with e-kermit running on LINUX from my operating system

we designed a primitive operating system for learning basics fundamentals and we created process switching, interrupt/polled IO for device drivers like UART and printers. We accomplish this by using our own tools called SPEDE (for downloading compiled elf image from host ubuntu system that have... (0 Replies)
Discussion started by: bicepjai
0 Replies

7. BSD

Problem on IPSec

Hi, this is my first post...:p Hello Admin :) Can I have an ask for something with my configuration ? I have finished some kind of the tutorial to build ipsec site to site, and the "step" has finished completely. I have a simulation with a local design topology with two PC's (FreeBSD ... (0 Replies)
Discussion started by: aulia
0 Replies

8. SuSE

NoMachine NX window closes after establishing connection

Hi, I am trying to use nomachine nx server and client. But somehow it doen't work. What happens is the following: 1.- Client starts up 2.- Client authenticates with Server 3.- The NoMachine window appears for 2-4 seconds 4.- The NoMachine window exists Somehow a "closeEvent" is sent.... (3 Replies)
Discussion started by: blackicecube
3 Replies

9. Shell Programming and Scripting

Problem establishing Connection on the LAN

Hi everybody i need your help on this I have LAN which run Sun microsystem with solaris 7 OS on each of the servers. The LAN was working fine before an interruption of power supply which makes servers to operating as standalone servers. i.e none of the servers have access to one another. How do i... (2 Replies)
Discussion started by: sbmada
2 Replies

10. UNIX for Dummies Questions & Answers

Establishing connections

Hello there, just a quick question.....Can someone please explain the concept that enables you to establish a connection using the same userId Thanx (1 Reply)
Discussion started by: BigTool4u2
1 Replies
Login or Register to Ask a Question

LEARN ABOUT CENTOS

ipsec_ikeping

IPSEC_IKEPING(8)						Executable programs						  IPSEC_IKEPING(8)

NAME

       ipsec_ikeping - send/receive ISAKMP/IKE echo requests/replies

SYNOPSIS

       ipsec ikeping [--listen] [--verbose] [--wait time] [--exchangenum num] [--ikeport localport] [--ikeaddress address] [--inet] [--inet6]
	     destaddr [/dstport...]

DESCRIPTION

       Ikeping sends and receives ISAKMP/IKE echo request and echo reply packets. These packets are intended for diagnostics purposes, in a manner
       similar to ping(8) does for ICMP echo request/reply packets.

       At the time of this writing, the ISAKMP echo request/reply exchange is still an internet-draft (draft-richardson-ipsec-ikeping-00), and is
       therefore completely non-standard. The Libreswan IKE daemon pluto does implement this draft, so ikeping can be used to test connectivity to
       an libreswan ipsec server.

       Ikeping will bind to the local address given by --ikeaddress and the port number given by --ikeport defaulting to the wildcard address and
       the ISAKMP port 500. An ISAKMP exchange of type 244 (a private use number) is sent to each of the address/ports listed on the command line.
       The exchange number may be overridden by the --exchangenum option.

       Ikeping then listens for replies, printing them as they are received. Replies are of exchange type 245 or the specified exchange number
       plus 1.	Ikeping will keep listening until it either receives as many echo responses as it sent, or until the timeout period (5 seconds)
       has been reached. Receipt of a packet will reset the timer. The --wait option can be used to specify a different timeout period.

       If the --listen option is given, then ikeping will not send any packets. Instead, it will listen for them and reply to each request
       received.

       If the --natt option is given, then ikeping will set the socket to permit UDP encapsulated ESP packets. This is only useful in listen mode.

FILES

       no external files

SEE ALSO

       ping(8), ipsec_pluto(8)

HISTORY

       Written for the Linux FreeS/WAN project <http://www.freeswan.org> by Michael Richardson.

AUTHOR

       Paul Wouters
	   placeholder to suppress warning

libreswan							    12/16/2012							  IPSEC_IKEPING(8)