Start the capture
capture ipsec interface outside match ip host 12.1.1.1 any
View the capture
show capture ipsec decode
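Adding the decode parameter shows the detailed contents of each packet. The output below takes the first packet of IPsec phase 1 as an example: the peer's encryption is AES-CBC-256, the hash is SHA, and the DH group is Group 5.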
1: 16:01:03.588913 183.95.38.220.500 > 211.147.83.197.500: udp 292
ISAKMP Header
Initiator COOKIE: c9 d5 15 b0 94 aa a3 25
Responder COOKIE: 00 00 00 00 00 00 00 00
Next Payload: Security Association
Version: 1.0
Exchange Type: Identity Protection (Main Mode)
Flags: (none)
MessageID: 00000000
Length: 604045312
Payload Security Association
Next Payload: Vendor ID
Reserved: 00
Payload Length: 60
DOI: IPsec
Situation:(SIT_IDENTITY_ONLY)
Payload Proposal
Next Payload: None
Reserved: 00
Payload Length: 48
Proposal #: 1
Protocol-Id: PROTO_ISAKMP
SPI Size: 0
# of transforms: 1
Payload Transform
Next Payload: None
Reserved: 00
Payload Length: 40
Transform #: 1
Transform-Id: KEY_IKE
Reserved2: 0000
Life Type: seconds
Life Duration (Hex): 00 01 51 80
Encryption Algorithm: AES-CBC
Key Length: 256
Authentication Method: Preshared key
Hash Algorithm: SHA1
Group Description: Group 5
Payload Vendor ID
Next Payload: Vendor ID
Reserved: 00
Payload Length: 20
Data (In Hex):
4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
Payload Vendor ID
Next Payload: Vendor ID
Reserved: 00
Payload Length: 20
Data (In Hex):
7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Payload Vendor ID
Next Payload: Vendor ID
Reserved: 00
Payload Length: 20
Data (In Hex):
cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48
Payload Vendor ID
Next Payload: Vendor ID
Reserved: 00
Payload Length: 20
Data (In Hex):
90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f
Payload Vendor ID
Next Payload: Vendor ID
Reserved: 00
Payload Length: 20
Data (In Hex):
16 f6 ca 16 e4 a4 06 6d 83 82 1a 0f 0a ea a8 62
Payload Vendor ID
Next Payload: Vendor ID
Reserved: 00
Payload Length: 20
Data (In Hex):
44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
Payload Vendor ID
Next Payload: Vendor ID
Reserved: 00
Payload Length: 20
Data (In Hex):
af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00
Payload Vendor ID
Next Payload: Vendor ID
Reserved: 00
Payload Length: 20
Data (In Hex):
40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3
Payload Vendor ID
Next Payload: Vendor ID
Reserved: 00
Payload Length: 24
Data (In Hex):
40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3
c0 00 00 00
Payload Vendor ID
Next Payload: None
Reserved: 00
Payload Length: 20
Data (In Hex):
82 99 03 17 57 a3 60 82 c6 a6 21 de 00 00 00 00
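
Added example, not part of the original note and not Cisco tooling: when a phase 1 negotiation fails, the Transform payloads in this decode output can be pulled out and compared with the local IKEv1 policy to see which attribute differs. It goes slightly beyond the single transform shown above by handling several Transform payloads in one capture.
Assumptions: the function names, SAMPLE_DECODE (constructed from the lines above) and LOCAL_POLICY are hypothetical, and the lifetime is reported but not treated as a must-match attribute.

```python
# Constructed input: Transform payload lines copied from the decode output
# above, followed by the start of the next payload.
SAMPLE_DECODE = """\
Payload Transform
Payload Length: 40
Life Duration (Hex): 00 01 51 80
Encryption Algorithm: AES-CBC
Key Length: 256
Authentication Method: Preshared key
Hash Algorithm: SHA1
Group Description: Group 5
Payload Vendor ID
Payload Length: 20
"""

# Hypothetical local policy (constructed), using the decoder's own value names.
LOCAL_POLICY = {"encryption": "AES-CBC", "key_length": 256,
                "auth": "Preshared key", "hash": "SHA1", "group": "Group 2"}

# Decode label -> short key used in the parsed result.
LABELS = {"Encryption Algorithm": "encryption", "Key Length": "key_length",
          "Authentication Method": "auth", "Hash Algorithm": "hash",
          "Group Description": "group", "Life Duration (Hex)": "lifetime"}
MUST_MATCH = ("encryption", "key_length", "auth", "hash", "group")

def parse_transforms(decode_text):
    """Return one dict per 'Payload Transform' block in the decode text."""
    transforms, current = [], None
    for raw in decode_text.splitlines():
        line = raw.strip()
        # Payload headers have no colon; 'Payload Length: 40' is a field.
        if line.startswith("Payload ") and ":" not in line:
            current = {} if line == "Payload Transform" else None
            if current is not None:
                transforms.append(current)
            continue
        if current is None or ":" not in line:
            continue
        label, value = (part.strip() for part in line.split(":", 1))
        key = LABELS.get(label)
        if key == "lifetime":
            current[key] = int(value.replace(" ", ""), 16)  # hex bytes -> seconds
        elif key == "key_length":
            current[key] = int(value)
        elif key:
            current[key] = value
    return transforms

def mismatches(offered, local_policy):
    """List must-match attributes where the peer's offer differs from ours."""
    return [k for k in MUST_MATCH if offered.get(k) != local_policy.get(k)]

if __name__ == "__main__":
    for t in parse_transforms(SAMPLE_DECODE):
        print(t, "mismatch:", mismatches(t, LOCAL_POLICY))
```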