<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: tunnel up but no encryption..
From: "Alex" <aoclarit,AT,kiwi,DOT,dhs,DOT,org>
Date: Thu, 17 Jan 2002 19:24:37 +0100

Hi folks

I've compiled cipe snapshot 20020112 on RH 7.2 with kernel 2.4.17. It
compiled with no problems and when I start the cipe interfaces they seem to
work.
Cipcb0 on box A = 10.1.1.1 and cipcb0 on box B = 10.2.1.1. I can ping
10.2.1.1 from 10.1.1.1 which I believe proves that the tunnel is up.
The problem is when I telnet trough the tunnel and capture the session using
ethereal it turns out that none of this stuff is encrypted whatsoever. I can
see passwords, usernames etc.
I thought Blowfish was the default cipher but interestingly when I do a

/usr/local/sbin/ciped-cb debug=15

I get this output

CIPE daemon vers 1.6.pre-20020112 (c) Olaf Titz 1996-2000
device=cipcb
debug=yes
cipher=(none)
ipaddr=10.1.1.1
ptpaddr=10.2.1.1
mask=
bcast=
mtu=0
metric=0
cttl=0
me={real ip}:6060
peer={real ip}:6060
key=(secret)
nokey=no
socks=
tokxc=0
tokey=0
ipup=(none)
ipdown=(none)
arg=(none)
maxerr=8
tokxts=0
ping=0
toping=0
dynip=no
hwaddr=(none)
ifconfig=no
checksum=no
ignoredf=no
forcemtu=no
Using cipcb0 index 0
sending CT_CONFREQ
KX: [NK_REQ] sending NK_IND 85E6ADF2
KX: [NK_RREQ] sending NK_REQ
KX: [NK_ACK] got 85E6ADF2
KX: [NK_IND] sending NK_ACK EED01043

I guess the problem is that cipher is set to none instead of Blowfish but
why ?

an help would be greatly appreciated.

thx
Alex





<< | Thread Index | >> ]    [ << | Date Index | >> ]