Hi all, I was testing a site-to-site VPN. My diagram is simple. I am testing it on GNS3 to observe traffic via Wireshark.
R1 is connected to R2 over Fa0/0. R1 has a loopback 184.108.40.206/8 and R2 a loopback 220.127.116.11/8. Traffic needs to be encrypted when 18.104.22.168 sends any IP packet to 22.214.171.124 and vice versa. The configuration is a standard site-to-site VPN except for this:
crypto ipsec transform-set aset esp-des esp-md5-hmac
at both ends.
Now the issue is, the VPN is forming correctly, but when I check the debugs and show crypto ipsec sa, I am still seeing the mode to be Tunnel!! In Wireshark I can see that when I send a ping like this
R1#ping 126.96.36.199 source 188.8.131.52
I am seeing the source and destination IPs to be 10.0.0.1 and 10.0.0.2 respectively. Why is this so? Two questions arise here:
1) Why are both ends negotiating tunnel mode instead of transport mode?
2) Why am I not seeing the original IP header (which again falls to question 1 above)?
I am really confused here. Did I misunderstand transport mode?