[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Keying Material

To: "Amol Deshmukh" <adeshmukh@pace.stpp.soft.net>, <ipsec@lists.tislabs.com>
Subject: RE: Keying Material
From: "Stephane Beaulieu" <stephane@cisco.com>
Date: Thu, 1 Aug 2002 09:12:21 -0400
Importance: Normal
In-Reply-To: <002f01c2391d$d4081710$af64a8c0@pace.stpp.soft.net>
Sender: owner-ipsec@lists.tislabs.com

Amol,

We used to have bakeoffs to deal with such issues.  Unfortunately, bakeoffs
are rare these days because most vendors achieved good basic
interoperability years and years ago.

Probably the easiest way to do this is to try sending packets through and
turning on debugging on the Cisco device.  It won't give you the keys, but
it'll tell you if authentication and/or decryption fail.

If your keys are incorrect, try and try again.

You might also want to try and interop with some of the open source IPsec
implementations.  You can probably modify their code to spew out the keys
you're looking for.

Good luck,
Stephane.

> -----Original Message-----
> From: owner-ipsec@lists.tislabs.com
> [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of Amol Deshmukh
> Sent: Thursday, August 01, 2002 1:40 AM
> To: ipsec@lists.tislabs.com
> Subject: Keying Material
>
>
> Hi,
>     I am trying to interop, our IKE implementation with Cisco.
>     From the keying material generated, the keys for
> encryption/authentication are created. There is no way to find out if the
> keys generated at both ends are the same.
>     Could anyone please help me in this.
>
> Thanks in advance,
> -Amol.
>

Follow-Ups:
- RE: Keying Material
  - From: "Rajesh Mohan" <rajeshmn@future.futsoft.com>

References:
- Keying Material
  - From: "Amol Deshmukh" <adeshmukh@pace.stpp.soft.net>

Prev by Date: Re: CERT REQ payload Handling Clarification
Next by Date: Re: CERT REQ payload Handling Clarification
Prev by thread: Keying Material
Next by thread: RE: Keying Material
Index(es):
- Date
- Thread