IPSec & VPN: VPN Tunnel Parameters
VPN Tunnel parameters.
1. Use only ESP since traffic is going through a “public” network.
2. Use pre-shared keys for device authentication. The key can be a
string of characters and numbers selected by you. Example: cisco123.
3. For encryption use DES only.
All other parameter values (DH group, HMAC standard, etc) should be
chosen by each student group.
Running Ethereal to capture packets. The software
application Ethereal is installed on all computers of the security lab.
However for this lab you will only need to activate it in PC2 . To
activate Ethereal and start a packet capture, do the following:
1. Login into each machine as seclab
2. Activate the Ethereal icon that is on the Desktop
3. Go to the Capture menu and click on the OK button to start the
packet capture. A capture progress window should pop-up.
4. Once enough packets have been captured or enough time has elapsed,
click on the Stop button. Capture only the packets you need in order to
make your analysis easier.
5. Once you have stopped the packet capture, you should be able to
recognize three different screen sections: The packet list section
(upper section), the packet details section (middle section) and the
packet bytes section (lower section). Each time you select a packet in
the packet list section the other two sections will change accordingly.
You can now analyze the captured packets as you wish.
The Filter text field on the main screen allows you to specify which
packets should be displayed on the packet list section of the screen.
Use this to get a view of only those packets that you are interested in.
For example, if you write telnet in this field you will only see the
packets related to a captured telnet session.