How can i use preshared key option using IPSECCMD?
Last response: in Windows XP
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)
Hi.. I'm Sunhee.
My question is how to use preshared key parameter using IPSECCMD
command.
This is my test scenario. I set ipsec on 2 PCs using IPSECCMD as
follwoing.
------------------------------------------------------------------
PC1) ipseccmd -f 192.168.1.193+192.168.1.194 -n ah[md5] -a p:"ims"
PC2) ipseccmd -f 192.168.1.194+192.168.1.193 -n ah[md5] -a p:"ims"
------------------------------------------------------------------
and then I send ping from pc1 to pc2.
I thought that there was no key exchage(ISAKMP) if i set [-a p:"test"]
option.
But, PC1 still sent ISAKMP pakcet.
I wonder why pc1 send ISAKMP packet?
As I know isakmp paket is used to exchange keys and alogrithms.
But, I already set "Preshared key" and "algorithm".
My test senario was worong??
Actually, there's something strange.
After I set like upper.
I checked local SA using "ipseccmd show sas" command.
but, thers was no SAs.
Only after sending ping, I can see a SAs.
Can I make a SA using IPSECCMD command?
Maybe ISAKMP packet was sended, because there was no SA.
Please give me some advice.
Thnak you in advanced.
Hi.. I'm Sunhee.
My question is how to use preshared key parameter using IPSECCMD
command.
This is my test scenario. I set ipsec on 2 PCs using IPSECCMD as
follwoing.
------------------------------------------------------------------
PC1) ipseccmd -f 192.168.1.193+192.168.1.194 -n ah[md5] -a p:"ims"
PC2) ipseccmd -f 192.168.1.194+192.168.1.193 -n ah[md5] -a p:"ims"
------------------------------------------------------------------
and then I send ping from pc1 to pc2.
I thought that there was no key exchage(ISAKMP) if i set [-a p:"test"]
option.
But, PC1 still sent ISAKMP pakcet.
I wonder why pc1 send ISAKMP packet?
As I know isakmp paket is used to exchange keys and alogrithms.
But, I already set "Preshared key" and "algorithm".
My test senario was worong??
Actually, there's something strange.
After I set like upper.
I checked local SA using "ipseccmd show sas" command.
but, thers was no SAs.
Only after sending ping, I can see a SAs.
Can I make a SA using IPSECCMD command?
Maybe ISAKMP packet was sended, because there was no SA.
Please give me some advice.
Thnak you in advanced.
More about : preshared key option ipseccmd
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)
Ana another question.
How can i set SPI value?
I also tested IPSec6 command on XP.
and I can set SPI value in the "xxx.sad" file which is used by ipsec6
command.
but, ipseccmd command makes some random spi values. I can see spi
values using "ipseccmd show sas".
Is it possible to set spi values manually?
Thank you.
Ana another question.
How can i set SPI value?
I also tested IPSec6 command on XP.
and I can set SPI value in the "xxx.sad" file which is used by ipsec6
command.
but, ipseccmd command makes some random spi values. I can see spi
values using "ipseccmd show sas".
Is it possible to set spi values manually?
Thank you.
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)
there is a new ipsec newsgroup that would be well suited for this type of
question
microsoft.public.windows.networking.ipsec
I'm not aware the you can manually set the SPI. I thought the systen
calculated as part of the SA negotiation.
--
Stephen Cartwright [MSFT]
"This posting is provided "AS IS" with no warranties, and confers no
rights."
"sunny" <ogoooood@yahoo.co.kr> wrote in message
news:1119262483.622773.75300@g14g2000cwa.googlegroups.com...
> Ana another question.
>
> How can i set SPI value?
>
> I also tested IPSec6 command on XP.
> and I can set SPI value in the "xxx.sad" file which is used by ipsec6
> command.
>
> but, ipseccmd command makes some random spi values. I can see spi
> values using "ipseccmd show sas".
> Is it possible to set spi values manually?
>
> Thank you.
>
there is a new ipsec newsgroup that would be well suited for this type of
question
microsoft.public.windows.networking.ipsec
I'm not aware the you can manually set the SPI. I thought the systen
calculated as part of the SA negotiation.
--
Stephen Cartwright [MSFT]
"This posting is provided "AS IS" with no warranties, and confers no
rights."
"sunny" <ogoooood@yahoo.co.kr> wrote in message
news:1119262483.622773.75300@g14g2000cwa.googlegroups.com...
> Ana another question.
>
> How can i set SPI value?
>
> I also tested IPSec6 command on XP.
> and I can set SPI value in the "xxx.sad" file which is used by ipsec6
> command.
>
> but, ipseccmd command makes some random spi values. I can see spi
> values using "ipseccmd show sas".
> Is it possible to set spi values manually?
>
> Thank you.
>
Related ressources:
- ForumL2TP w/ Preshared Key better than PPTP?
- ForumHas anyone got Win2K RRAS XP Pre-Shared Keys to work thro..
- ForumTerminal Services + IPsec using certificates?
- ForumWhat IPSec client to use on WinXP Pro to connect to a Link..
- ForumWhy use encryption?
- ForumAUTHENTICATION : Open System or Shared Key
- ForumHow to use certificates for L2TP VPN connection
- ForumCreating a Login for Internet Usage
- ForumVpn in hardware firewall
- ForumI cant connect to WPA2 personal on my router
- ForumWiFi network setup for 200 users
- ForumVPN Gurus, Help!!! How to size a VPN router?
- ForumHow secure is MAC Address Filtering?
- ForumHow to setup security ?
- ForumHow do I configure WPA, 802.11x security with AP D-link DW..
- ForumHow can i use my windows product key
- ForumHELP!!! Please with Windows XP
- ForumHow can I restore a deleted user and files
- ForumHow to delete certain files?
- ForumSafely using telnet and groups ..
- More resources
Read discussions in other Windows XP categories
!
