This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hi,

I would like to know if there is any mechanism to decrypt and analyze the SCTP packets exchanged over IPSec tunnels between two end nodes, for troubleshooting using Wireshark or tshark?

Please advise.

Regards, SC

asked 22 Dec '13, 20:23

tintin's gravatar image

tintin
26113
accept rate: 0%


Try it by setting preferences for ESP option. Regards, NA

permanent link

answered 22 Dec '13, 23:01

alaska's gravatar image

alaska
1
accept rate: 0%

In other words, you have to configure Wireshark to decode the IPSec; after that then it will analyze whatever the IPSec payload as normal. See the wiki for more details.

(23 Dec '13, 07:21) JeffMorriss ♦

One-upping this question because I suspect in the next couple quarters it's going to be a popular need in mobile. IPX and Diameter is coming. :)

(26 Dec '13, 07:23) Quadratic
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×1,620
×62
×25
×19

question asked: 22 Dec '13, 20:23

question was seen: 2,018 times

last updated: 26 Dec '13, 07:23

p​o​w​e​r​e​d by O​S​Q​A