I have an ip to ip tunnel between two MT devices on differnt sides of the net. my goal here is to securly connects these two private networks.
I have the IPsec rules set to encrypt all traffic between the public IPs of Side 1 and Side 2
Currently i have everything working, and if i ping or send data from the private network on side 2 to side 1 everything works fine. If i then disable my IPsec rules on any one side, the flow stops as it should.
furthermore, counters on both sides are running up tons and tons of In decrypted and out encrypted packets in proportion to how much data i have flowing across the link (i.e. if i do a Bandwidth test across (no via the MT boxes, through them) the private networks not only will the CPU usage spike as it should, but also the number of encrypted/decrypted packets shoots up, again as it should).
my ONLY problem is that when i do a packet sniff (via MT) on either side, of the public IP interface (a cable modem on side 1 with a public IP, and a uplink with a public IP on side two) I AM able to see and read any unencrypted traffic (such as syslog or SNMP data flowing across the private tunnel, this is not correct)
what is going on here?? what should i be seeing with that packet dump? or is MT decoding the packets before saving them into the dump file of this IPsec encrypted tunnel?
tks