RE: Keying Material
Stephane Beaulieu <stephane <at> cisco.com>
2002-08-01 13:12:21 GMT
We used to have bakeoffs to deal with such issues. Unfortunately, bakeoffs
are rare these days because most vendors achieved good basic
interoperability years and years ago.
Probably the easiest way to do this is to try sending packets through and
turning on debugging on the Cisco device. It won't give you the keys, but
it'll tell you if authentication and/or decryption fail.
If your keys are incorrect, try and try again.
You might also want to try and interop with some of the open source IPsec
implementations. You can probably modify their code to spew out the keys
you're looking for.
> -----Original Message-----
> From: owner-ipsec <at> lists.tislabs.com
> [mailto:owner-ipsec <at> lists.tislabs.com]On Behalf Of Amol Deshmukh
> Sent: Thursday, August 01, 2002 1:40 AM
> To: ipsec <at> lists.tislabs.com
> Subject: Keying Material
> I am trying to interop, our IKE implementation with Cisco.
> From the keying material generated, the keys for