Ask Your Question

Decrypting ISAKMP phase 1 packets 5 and 6

asked 2020-07-06 19:56:22 +0000

RohMoh gravatar image

Hi Team,

I see this question has been asked earlier I would like to rephrase this and would need your help in learning more about the authentication in IKE V1 ISAKMP packets number 5 and 6.

I tried to decrypt this on wireshark using Preferences> ISAKMP > IKE V1 decryption I'm successful in entering the Init Cookie and when it comes to enter the encrypting key it never seems to take any value that I enter.

Question 1> Should I be entering anything apart from the Authentication key ie. SKEYID_a as in RFC 2409 for IKE v1 that is formed for the SPI ? Question 2> Has anyone tried this before ? any help is very much appreciated.

I'm using PSK to authenticate the peers and the phase 1 Encryption is using 3 DES

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2020-07-06 21:10:10 +0000

grahamb gravatar image

The encrypting key is generated on the fly and has to be obtained from the application at the time of use, often by using debug settings. This question from the old site has some details about obtaining the key.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2020-07-06 19:56:22 +0000

Seen: 35 times

Last updated: Jul 06