In this post, we will look at some useful commands using the ispectool under openswan.
This command is great for identification of ipsec support within linux.
Next up we can use the look option to determine iptables status & chains used.
The last command is for ipsec auto status and simple to remember. It great for determining the ciphers supported and other various status for connections. It requires sudo or root permission for execution.
ipsec auto --status
These are commonly used commands in the swan lineup that should be used for trouble shooting. Other useful tools are tcpdump/tshark for packet capturing of IKE and ESP data and for analyze of ph1/ph2 SPIs
NSE ( Network Security Expert) and Route/Switching Engineer.
kfelix -----a----t---- socpuppets ---dot---com
=( * * )=