以前用的 rasphone L2TP/IPSec 环境
现在不能用了
会出现
https://tinyurl.com/woghrn3
的讯息
现在了解了
https://osqa-ask.wireshark.org/questions/12708/decrypting-l2tpipsec-esp
中提到
"because you are encapsulating L2TP in IPSEC (L2TP over IPSEC). L2TP does
not
provide encryption itself, that's why it is combined with IPSEC. Unless
you
are able to decrypt the ESP packets, you won't see the L2TP
communication"
我只抓到 ISAKMP 封包
https://tinyurl.com/vpgp94w
是 IPv6
看到 IPv6 我就头大了
==========================================================================
L2TP 用 DDNS 会解成 ipv6 所以
我现在先用 ipv4 抓问题
LAN 里面连 public ipv4 可以拨号成功 有跑出 ESP 封包
via iphone 手机连 都只有 ISAKMP 跟 几个 UDPENCAP Length 43 NAT-keepalive 结果是
连不到 public ipv4 后面的 VPN server
比较封包 两者之间 via iphone 多了 ISAKMP Length 122 Informational 封包
然后重复 三个 ISAKMP Length 330, 250, 106 Quick Mode 封包
https://imgur.com/l7Ctzsw