That is a good idea. Thank you for the suggestion.
Bev.
On Wed, 2008-09-10 at 10:56 +0300, Alex Nedelcu wrote:
> Wireshark can't decode encrypted traffic unless you provide the keys,
> i know this is possible with ssl but haven't tried it with ipsec
> tunnels. You can try doing something on the pix though for testing
> purposes, you should configure the ipsec transform set with esp-null
> as a an option instead of the encryption algorithm you're currently
> using (esp-3des, esp-aes etc). By doing this the packets will be
> encapsulated in esp but the payload will be cleartext.
>
> Regards,
>
> Alex
>
> On Tue, Sep 9, 2008 at 8:35 PM, Bev Lekx <Bev.Lekx@xxxxxxxxxxxxxxxxx> wrote:
> > I am troubleshooting a network problem between our Cisco Pix's. I need to be
> > able to decode the Pix traffic on the encrypted side. I have configured
> > Wireshark's protocol preferences for ESP but I am unable to get Wireshark to
> > decode these packets.
> >
> > Should Wireshark be able to do this?
> >
> > Does anyone have experience doing this?
> >
> >
> >
> > Regards,
> >
> >
> >
> > Bev.
> >
> >
> >
> > _______________________________________________
> > Wireshark-users mailing list
> > Wireshark-users@xxxxxxxxxxxxx
> > https://wireshark.org/mailman/listinfo/wireshark-users
> >
> >
> _______________________________________________
> Wireshark-users mailing list
> Wireshark-users@xxxxxxxxxxxxx
> https://wireshark.org/mailman/listinfo/wireshark-users