SIP客户端和PCSCF之间的IPSEC连接。 ESP标头不出现。 IPsec不适用于标头

时间:2019-06-24 11:24:10

标签: sip vpn ipsec ims sipp

我正在创建SIPp脚本,以创建用于在UE和PCSCF之间建立IPSEC连接的方案。
当我从受保护的UE客户端端口向PCSCF受保护的服务器端口发送第二个寄存器时,它没有以ESP数据包发送。尽管已经创建了SA,并且已经使用setkey -D进行了验证,但是IPSEC并未得到应用。

setkey -c << EOF
spdadd $pcscf/32[$port_pc] $ue/32[$port_us] tcp -P in ipsec esp/transport//require ;
spdadd $pcscf/32[$port_pc] $ue/32[$port_us] udp -P in ipsec esp/transport//require ;
add $pcscf $ue esp $spi_us -m transport -E $ealg $ck -A $alg $ik
EOF

4 SA's has been already created

192.168.137.98 192.168.137.39 
    esp mode=transport spi=1024(0x00000400) reqid=16625(0x000040f1)
    E: 3des-cbc  d0c1e6cd d58c07f7 fe4a6715 83d60210 d0c1e6cd d58c07f7
    A: hmac-md5  320fe4a8 ab88a62d f406ccb9 76346602
    seq=0x00000000 replay=4 flags=0x00000000 state=mature 
    created: Jun 24 17:01:11 2019   current: Jun 24 17:01:22 2019
    diff: 11(s) hard: 0(s)  soft: 0(s)
    last:                       hard: 0(s)  soft: 0(s)
    current: 0(bytes)   hard: 0(bytes)  soft: 0(bytes)
    allocated: 0    hard: 0 soft: 0
    sadb_seq=1 pid=9623 refcnt=0
192.168.137.98 192.168.137.39 
    esp mode=transport spi=2048(0x00000800) reqid=16624(0x000040f0)
    E: 3des-cbc  d0c1e6cd d58c07f7 fe4a6715 83d60210 d0c1e6cd d58c07f7
    A: hmac-md5  320fe4a8 ab88a62d f406ccb9 76346602
    seq=0x00000000 replay=4 flags=0x00000000 state=mature 
    created: Jun 24 17:01:11 2019   current: Jun 24 17:01:22 2019
    diff: 11(s) hard: 0(s)  soft: 0(s)
    last:                       hard: 0(s)  soft: 0(s)
    current: 0(bytes)   hard: 0(bytes)  soft: 0(bytes)
    allocated: 0    hard: 0 soft: 0
    sadb_seq=2 pid=9623 refcnt=0
192.168.137.39 192.168.137.98 
    esp mode=transport spi=147047421(0x08c3c3fd) reqid=16623(0x000040ef)
    E: 3des-cbc  d0c1e6cd d58c07f7 fe4a6715 83d60210 d0c1e6cd d58c07f7
    A: hmac-md5  320fe4a8 ab88a62d f406ccb9 76346602
    seq=0x00000000 replay=4 flags=0x00000000 state=mature 
    created: Jun 24 17:01:11 2019   current: Jun 24 17:01:22 2019
    diff: 11(s) hard: 0(s)  soft: 0(s)
    last:                       hard: 0(s)  soft: 0(s)
    current: 0(bytes)   hard: 0(bytes)  soft: 0(bytes)
    allocated: 0    hard: 0 soft: 0
    sadb_seq=3 pid=9623 refcnt=0
192.168.137.39 192.168.137.98 
    esp mode=transport spi=70783604(0x04381274) reqid=16622(0x000040ee)
    E: 3des-cbc  d0c1e6cd d58c07f7 fe4a6715 83d60210 d0c1e6cd d58c07f7
    A: hmac-md5  320fe4a8 ab88a62d f406ccb9 76346602
    seq=0x00000000 replay=4 flags=0x00000000 state=mature 
    created: Jun 24 17:01:11 2019   current: Jun 24 17:01:22 2019
    diff: 11(s) hard: 0(s)  soft: 0(s)
    last:                       hard: 0(s)  soft: 0(s)
    current: 0(bytes)   hard: 0(bytes)  soft: 0(bytes)
    allocated: 0    hard: 0 soft: 0
    sadb_seq=0 pid=9623 refcnt=0

0 个答案:

没有答案
相关问题
最新问题