01-29-2010 01:41 AM
Hi Srini,
How can we show evidence that my data is getting encrypted over the VPN network?
I am running an IPsec VPN and I want to show evidence that the packets are getting encrypted.
One option was to show the inbound/outbound counters, but that was not very supportive.
Is there any option to show some evidence of encryption?
Thanks
Gopi
01-29-2010 07:41 AM
Try the following command:
interface: Tunnel0
Crypto map tag: vpn, local addr 69.222.73.2
protected vrf: (none)
local ident (addr/mask/prot/port): (69.222.73.2/255.255.255.255/47/0)
remote ident (addr/mask/prot/port): (69.222.73.1/255.255.255.255/47/0)
current_peer 69.222.73.1 port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 52438988, #pkts encrypt: 52438988, #pkts digest: 52438988
#pkts decaps: 1013823840, #pkts decrypt: 1013823840, #pkts verify: 1013823840
This is showing the number of packets this router is encrypting and decrypting with its peer.
Hope that helps.
01-29-2010 05:01 PM
Colin says it all with a command!
01-30-2010 09:52 PM
If that doesn't work--provide enough evidence, then run a sniffer on the
outside interface of one of your vpn devices and you can show that the
payload of the packets is in fact encrypted.
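One way to turn the sniffer capture suggested above into evidence, as an added example that is not part of the original posts: the script reads a classic pcap taken on the outside interface, labels each packet between the two peers as ESP, IKE or unprotected, and reports the payload entropy (ciphertext sits close to 8 bits per byte). The function names, the constructed sample capture and the assumptions of Ethernet framing and no NAT-T (UDP 4500) are mine; the peer addresses and GRE protocol 47 are taken from the output quoted in the thread.

```python
import hashlib, math, socket, struct
from collections import Counter

ESP, UDP, GRE = 50, 17, 47  # IP protocol numbers

def entropy(data):
    """Shannon entropy in bits per byte; ciphertext sits close to 8."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def audit_pcap(pcap, peer_a, peer_b):
    """Return (kind, ip_proto, entropy) for each IPv4 packet between the peers."""
    end = "<" if pcap[:4] == b"\xd4\xc3\xb2\xa1" else ">"    # classic pcap magic
    peers = {socket.inet_aton(peer_a), socket.inet_aton(peer_b)}
    rows, off = [], 24                                       # skip global header
    while off + 16 <= len(pcap):
        (caplen,) = struct.unpack_from(end + "I", pcap, off + 8)
        frame, off = pcap[off + 16: off + 16 + caplen], off + 16 + caplen
        if frame[12:14] != b"\x08\x00" or {frame[26:30], frame[30:34]} != peers:
            continue                                         # not IPv4 between peers
        proto, l4 = frame[23], frame[14 + (frame[14] & 0x0F) * 4:]
        if proto == ESP:
            rows.append(("ESP", proto, entropy(l4[8:])))     # skip SPI + sequence
        elif proto == UDP and len(l4) >= 8 and 500 in struct.unpack_from("!HH", l4):
            rows.append(("IKE", proto, entropy(l4[8:])))     # key exchange, expected
        else:
            rows.append(("UNPROTECTED", proto, entropy(l4))) # tunnel traffic not in ESP
    return rows

def sample_pcap(peer_a="69.222.73.2", peer_b="69.222.73.1"):
    """Constructed capture: one ESP packet and one GRE packet sent outside IPsec."""
    fake_ct = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(32))
    packets = [(ESP, struct.pack("!II", 0x1001, 1) + fake_ct),  # stand-in ciphertext
               (GRE, b"\x00\x00\x08\x00" + b"GET /payroll.csv HTTP/1.1\r\n" * 20)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1
    for proto, body in packets:
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, 64, proto, 0,
                         socket.inet_aton(peer_a), socket.inet_aton(peer_b))
        frame = b"\x00" * 12 + b"\x08\x00" + ip + body
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    for kind, proto, bits in audit_pcap(sample_pcap(), "69.222.73.2", "69.222.73.1"):
        print(f"{kind:<12} proto={proto:<3} entropy={bits:.2f} bits/byte")
```

On a healthy tunnel every data packet between the peers is labelled ESP with entropy near 8; any UNPROTECTED row with protocol 47 means GRE is leaving the router outside the IPsec SA.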