[strongSwan] Traffic Pauses to IKEv1 VPN with Juniper ISG 1000

Mahesh Neelakanta neelakanta at gmail.com
Sun Dec 13 18:14:55 CET 2015


Noel, Thanks. I've enabled level loglevel 2 and restarted things awaiting
the pause to occur again and will reply with an update.

Regarding packet capture, I am on ubuntu 14.04. I followed the steps on
https://wiki.strongswan.org/projects/strongswan/wiki/CorrectTrafficDump but
when I tried to do the tcpdump, I get this error:

# tcpdump -s 0 -n -i nflog:5
tcpdump: NFULNL_CFG_CMD_PF_UNBIND: Operation not permitted

ifconfig doesn't show any nflog interface.

mahesh

On Sun, Dec 13, 2015 at 11:23 AM, Noel Kuntze <noel at familie-kuntze.de>
wrote:

>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> >Hi Noel, Thanks for the quick reply.
> > What level of loglevel should I enable? Also due to the nature of the
> traffic (medical data),
> > I can post it publicly so can I send it to you?
> > I do have a tcpdump capture of the ~10 second window during when the
> problem starts. Will that help?
>
> Hello Mahesh,
>
> Please keep the mailing list as recipient.
> The IP address and packet size can hardly be considered confidential.
> We are not interested in the packets' contents.
> You're free to remove any packet contents, we're just interested in the
> IP and ESP protocol headers.
> I wrote a small document[1] on taking traffic dumps correctly.
> Maybe that will be useful in the future.
>
> Please post logs with default=2.
> Use a pastebin or attach them to the email. There is a attachement
> size limit on this mailing list, so a pastebin is preferred.
>
> [1]
> https://wiki.strongswan.org/projects/strongswan/wiki/CorrectTrafficDump
> - --
>
> Mit freundlichen Grüßen/Kind Regards,
> Noel Kuntze
>
> GPG Key ID: 0x63EC6658
> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
>
> iQIcBAEBCAAGBQJWbZt5AAoJEDg5KY9j7GZYic8P/jBx9odqxmwswo9GjpxIRvYK
> EoGX0qnIGyhv1B1Mfw1o6KacqGg+W+sH+lebbs+r0/TaMWloucMN7PYNumcPsdbo
> BQmDBofd95q4ZmKrCTYs92xT+Ks8cugH1uTq6swB+mfuWKUcP4jy8F+kVEAsc9kS
> AfqQdOMiF4I4xfFbF/ssYNWB8QuPAMeGw4xLB/xcoKRCvleE12+sT9iv3vKaoF0W
> 6uNpM+K/f5JbkrgfBLPnmBc0RYGKF5LnwSQaADYTYthYQT1WANH2HpTssLM+nq92
> k/+FPakQ5pI3mzBNaE5JAxv1JjcYHVuQK0ibEu/YBgWppH8iFtLX76nLPkmbgfsH
> pVo1WGxH1skgMKQp+cbYOlXbG4hLVfUySP859QQsNFS07XAjrmNKkecESqVx2oMe
> 1MeMcDWy32T08evuzw/MDt2uwSymPPWJGgamIOviegV18bA4QI7bz6i84Tdu8F+F
> BXJVunWpliZqHQYWUSFhBMMWe6k0q1rgG19UoxXxGGQ61WWvEFV5wjZON1t1Jj7Z
> qZlfDdwqygUZUxMDJimHiqHNyqNyb1aP/xyqHxy60T9+lxwNQCK0xsMewfsU5R35
> NNb0ST98cq/P0ON1yiagjRv7yIDi0bYtsz+JvFkAK90a71nRshdlJ/HcoAztOLoY
> RoMSvehdYB/oMR8Z5Rov
> =HJDN
> -----END PGP SIGNATURE-----
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20151213/595b2e38/attachment.html>


More information about the Users mailing list