[strongSwan] Is a trusted man in the middle possible with ipsec ike v2 tunnel mode?

Jakob Curdes jc at info-systems.de
Mon Apr 21 22:19:12 CEST 2014


Am 21.04.2014 18:41, schrieb Bob W:
> Hi all,
>
>    please redirect me to a better list if this is not the right place to
> ask the question.
>
> Does anyone know of a product which would allow me to sit on the ip
> links in bridge mode(using Linux) and become a "Trusted" man in the
> middle?  Is it even possibly to be a Trusted man in the middle of an
> ipsec connection if you know the pass phases, configurations, etc that
> are configured in the gateway.
IPSec has been designed to avoid that this is possible. Even if you know 
the credentials etc. you cannot play man in the middle without breaking 
the connection.
You will need to reconfigure the connections themselves to achieve what 
you want, even if you have all the information that the peers have.
JC


More information about the Users mailing list