Tim Pushor wrote:
May be a dumb question, but how do I look at traffic going over an IPSEC tunnel, on one of the OpenBSD machines? I've tried tcpdump -i enc0 but get nothing ..
That is exactly what you do. Remember you can not use filters on it, no tcpdump -i enc0 host wakkawakka if plain old tcpdump -i enc0 is not showing anything then probably you are not actually encrypting. Does tcpdump -i outside_iface show you ESP traffic does netstat -rnf encap show tunnels?
