| Subject: | tunnel up but no encryption.. |
| From: | "Alex" <aoclarit,AT,kiwi,DOT,dhs,DOT,org> |
| Date: | Thu, 17 Jan 2002 19:24:37 +0100 |
Hi folks
I've compiled cipe snapshot 20020112 on RH 7.2 with kernel 2.4.17. It
compiled with no problems and when I start the cipe interfaces they seem to
work.
Cipcb0 on box A = 10.1.1.1 and cipcb0 on box B = 10.2.1.1. I can ping
10.2.1.1 from 10.1.1.1 which I believe proves that the tunnel is up.
The problem is when I telnet trough the tunnel and capture the session using
ethereal it turns out that none of this stuff is encrypted whatsoever. I can
see passwords, usernames etc.
I thought Blowfish was the default cipher but interestingly when I do a
/usr/local/sbin/ciped-cb debug=15
I get this output
CIPE daemon vers 1.6.pre-20020112 (c) Olaf Titz 1996-2000
device=cipcb
debug=yes
cipher=(none)
ipaddr=10.1.1.1
ptpaddr=10.2.1.1
mask=
bcast=
mtu=0
metric=0
cttl=0
me={real ip}:6060
peer={real ip}:6060
key=(secret)
nokey=no
socks=
tokxc=0
tokey=0
ipup=(none)
ipdown=(none)
arg=(none)
maxerr=8
tokxts=0
ping=0
toping=0
dynip=no
hwaddr=(none)
ifconfig=no
checksum=no
ignoredf=no
forcemtu=no
Using cipcb0 index 0
sending CT_CONFREQ
KX: [NK_REQ] sending NK_IND 85E6ADF2
KX: [NK_RREQ] sending NK_REQ
KX: [NK_ACK] got 85E6ADF2
KX: [NK_IND] sending NK_ACK EED01043
I guess the problem is that cipher is set to none instead of Blowfish but
why ?
an help would be greatly appreciated.
thx
Alex