[strongSwan] log IKE SPIs after rekeying
joern.mewes at gmx.net
Mon Jun 9 21:37:25 CEST 2014
I am trying to decrypt the IKEv2 message exchanged between strongswan
5.0.4 and a 3rd party VPN device for troubleshooting purposes. To get
the needed SPIs and keys I enabled log level 4 for IKE by running
“ipsec stroke loglevel ike 4” before bringing up the tunnel.
After starting the tunnel I am able to get all need keys and SPIs to
decode the IKE packets however after IKE-rekeying (without reauth)
charon logs just “Sk_ei", "Sk_er", Sk_ai" and "Sk_ar". For some reason
I could not find the new SPIs I need to insert into wireshark. Is there
any special log or configuration option I need to enable to get these
SPIs logged as well?
More information about the Users