Firewall Wizards mailing list archives
PIX VPN -- setting encryption to 'none' for debugging
From: Dave Owens <dowens () iquest net>
Date: Wed, 05 Mar 2003 13:55:36 -0500
Hi All,I have a working VPN from a Sidewinder (my end) to a PIX. By "working" I mean that ip-proto-50 traffic is being passed, so there seems to be a good SA. However, the telnet session I'm attempting through the VPN never has worked. There's some NAT going on at the other end, so there's some possible problem areas.
The packets coming back to the Sidewinder never make it to the client application. To debug this thing, I'd like to be able to see the unencrypted packets as they're returned. On the Sidewinder I can select "none" for the IPSec Crypto Algorithm, but the folks on the PIX end of the VPN don't seem to think that option is available. My own research led me to some PIX commands that consisted of 'crypto ipsec' and 'null', which was changed on both ends of the VPN, but that didn't make the packets readable. The Sidewinder folks tell me that the encryption must be set to 'none'.
Does anyone know how to set encryption to 'none' on a PIX, or have any other suggestions for figuring this think out?
Thanks, Dave dowens () iquest net _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- PIX VPN -- setting encryption to 'none' for debugging Dave Owens (Mar 05)