Tags: , ,

Forum Replies

  1. tkalis says:


    Hi. Just to confirm I am reading this correctly for IKE Phase I ISAKMP process it is used to build the secure tunnel for the Phase II, but it and of itself is not securing the information/parameters/valued exchanged under phase I?

  2. Hi Thomas,

    That's right, when you use main mode you can see that the first 4 messages (with all the parameters) are sent in clear text. Take a look at this wireshark capture:

    IKEv1 main mode


  3. Hi Rene,

    Am I right about DH if i say:
    I configured PSK on both sides, then DH use its own (differrent) key to secure the configured PSK and it will do the exchange?

  4. Hi Rene,

    I have couple of doubts. Can I have your attention to get this reply.

    Site to Site Tunnel is established properly between Site A and Site B. Both the Phases 1 & 2 is established properly. Both the site can ping each other nicely.

    Now, Scenario 1> Site A traffic cannot be decrypted at Site B -> What could be the possible reasons?
    Scenario 2> Site A traffic cannot be encrypted -> What could be the possible reasons?
    Scenario 3> from Site A to Site B traffic is passing slowly -> What could be the possible reasons?


  5. Thanks Laz that was helpful.

22 more replies! Ask a question or join the discussion by visiting our Community Forum