debugging encrypted part of isakmp
Andriy Gapon
avg at icyb.net.ua
Fri Jan 14 06:44:25 PST 2005
on 14.01.2005 16:07 Bruce M Simpson said the following:
> On Fri, Jan 14, 2005 at 11:54:36AM +0200, Andriy Gapon wrote:
> man 8 isakmpd:
>
> %%%
> -L Enable IKE packet capture. When this option is given, isakmpd
> will capture to file an unencrypted copy of the negotiation pack-
> ets it is sending and receiveing. This file can later be read by
> tcpdump(8) and other utilities using pcap(3).
> %%%
>
The problem is it is not isakmpd.
Here's more information: I am trying to reverse-engineer asymmetric
xauth/mode cfg exchange between third-party VPN/ipsec client and server.
I know all configuration parameters for both, but I don't have any
access to internal workings. At this point, I also have too little
information to successfully emulate either side, but I know what phase1
mode they use and what key material they have.
So, I am looking for the easiest way to decrypt isakmp packets using
both packet data and information like pre-shared keys, certificates etc.
--
Andriy Gapon
More information about the freebsd-security
mailing list