Well, I've got what I'm looking for now. Not really sure what the deal
was but after I changed my "Sniffing" PC's IP address to look like the
gateway for one of the Netscreen devices, packets started showing up.
Moved everything back and still saw the packets. Go figure... Anyway,
thanks again for all the suggestions.
-----Original Message-----
From: ethereal-users-bounces@xxxxxxxxxxxx
[mailto:ethereal-users-bounces@xxxxxxxxxxxx] On Behalf Of Paul Hoffman /
VPNC
Sent: Tuesday, April 06, 2004 1:47 PM
To: Ethereal user support
Subject: RE: [Ethereal-users] Ethereal and Site-to-Site VPNs
Watching IPsec VPN traffic with Ethereal works fine. In fact, it is
what we use for all of our IPsec testing. See
<http://www.vpnc.org/detail-basic-interop.html> for an example of how
we do it and what it shows. You can see each side doing the IKEv1
dance as plaintext through message 4, then message 5 and 6 as
encrypted, then Phase 2 happening, then ESP packets.
And, yes, I am using a real 10BaseT hub between all the gateways.
Setting up a VLAN and other such magic on managed hubs should have
worked in theory, but after 10 hours and three different switches, I
gave up. Now if I could just find a good used 36- or 48-port hub...
--Paul Hoffman, Director
--VPN Consortium
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users