First let's capture some packets between R1 and R2.
Now you should be able to ping across from R1.
- Right click again on the line between R1 and R2
- Select Start Wireshark
Notice that the ICMP packets are encrypted and all you see is the ESP.
- Click Edit --> Preferences
- Expand protocols
- Scroll to ESP
- Check Attempt to detect/decode encrypted ESP payload
- Input 2 SA one inbound and one outbound
- Choose des and hmac-sha
- Input the session-keys which we manually set earlier in the crypto-map in part 1
- Click Apply and OK.
Many more articles to come so stay tuned. "Join this site" on the right / click +1 below ------->