This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hi,

this Wireshark has a problem decrypting IKE messages when message 5 and 6 are fragmented and reassembled in Wireshark? I used the described method numerous times with OpenSwan and it worked like a charm. Then I changed to certificate based authentication and the payload exceeded the 1500 byte packet size. Although I enter ICOOKIE and enc_key as the times before, I still see only encrypted data... I will enable JUMBO frames to verify this but maybe you have seen this before...

Cheers, Dominik

asked 29 Oct '12, 09:58

Dominik's gravatar image

Dominik
1222
accept rate: 0%

converted to question 29 Oct '12, 13:32

grahamb's gravatar image

grahamb ♦
19.8k330206

Hi,

even with JUMBO frames it doesn't work. I have file a bug report for this.

Cheers, Dominik

(02 Nov '12, 06:57) Dominik
Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×14
×6

question asked: 29 Oct '12, 09:58

question was seen: 1,554 times

last updated: 02 Nov '12, 09:49

p​o​w​e​r​e​d by O​S​Q​A