OSTU - Troubleshooting VPN with Wireshark (by Tony Fortunato)

Tony Fortunato is a Senior Network Specialist with experience in design, implementation, and troubleshooting of LAN/WAN/Wireless networks, desktops and servers since 1989. His background in financial networks includes design and implementation of trading floor networks. Tony has taught at local high schools, Colleges/Universities, Networld/Interop and many onsite private classroom settings to thousands of analysts.

Published in: Technology

  1. Wireshark QuickStart. Tony Fortunato, Sr Network Specialist, The Technology Firm. Troubleshooting With A VPN Client
  2. What are you talking about?
       • In some cases you need to troubleshoot through a VPN connection
           • Some analyzers just show you encrypted ‘mumbo jumbo’ (yes it’s a real word, look it up)
           • You need to see the real data being transferred
           • To complicate things, you may need to do this using a wireless connection, which some commercial analyzers don’t natively support
           • And of course some VPN vendors create ‘virtual adapters’ to confuse you further
       • In this example, I’ll use Cisco’s VPN and Microsoft’s client, since I run into them often
  3. What People Typically Do
       • The logical approach would be to capture packets from your network interface.
       • Unfortunately many VPN clients use their own interface
       • In the screenshot below, I pinged the default gateway with the Cisco VPN client connected, but don’t see any evidence of it
  4. TIP: Launch Wireshark Quickly and Easily
       • The easiest way to determine which adapter to use is to select Capture->Interfaces after you VPN in and continuously ping something
  5. Results
       • Now when you capture from the correct interface you can see all your data in clear text (if the application is in clear text)
       • In this example my pings are clearly visible
  6. Microsoft interface
       • For the Microsoft client, I used the same methodology to determine the correct interface.
  7. Microsoft Client Bonus
       • If you select the Microsoft Client and connect, you can analyze the login process.
  8. Wrong Microsoft Login Credentials
  9. Wireshark Training - QuickStart. Tony Fortunato, Sr Network Specialist, The Technology Firm. Thank you
  10. For additional educational videos on Open Source Network Tools, please click on the following …
       • http://www.lovemytool.com/blog/ostu.html
       • LoveMyTool.com – Community for Network Tools
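The adapter check from slides 3 to 5 can also be done on captured packets instead of by eye. The following is an added example, not part of the original slides: it labels raw IPv4 packets per interface and picks the one where the continuous ping shows up in clear text. The interface names, addresses and sample packets are constructed, and treating ESP, GRE and UDP port 4500 as tunnel traffic is an assumption about what the VPN client puts on the physical adapter.

```python
import socket
import struct
from collections import Counter
from typing import Optional

# IANA IP protocol numbers; ESP/GRE and UDP 4500 (IPsec NAT-T) are treated as
# "tunnel" traffic. Which one a given VPN client uses is an assumption here.
ICMP, UDP, GRE, ESP, NAT_T_PORT = 1, 17, 47, 50, 4500

def classify(pkt: bytes) -> str:
    """Label one raw IPv4 packet as 'echo', 'tunnel' or 'other'."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return "other"
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl:
        return "other"
    proto, payload = pkt[9], pkt[ihl:]
    if proto in (ESP, GRE):
        return "tunnel"
    if proto == UDP and len(payload) >= 4:
        if NAT_T_PORT in struct.unpack("!HH", payload[:4]):
            return "tunnel"
    if proto == ICMP and payload and payload[0] in (0, 8):  # echo reply/request
        return "echo"
    return "other"

def summarize(captures: dict) -> dict:
    """Per-interface counts of each label."""
    return {name: Counter(classify(p) for p in pkts) for name, pkts in captures.items()}

def pick_interface(captures: dict) -> Optional[str]:
    """Interface that shows the continuous ping in clear text, if any."""
    counts = summarize(captures)
    best = max(counts, key=lambda n: counts[n]["echo"], default=None)
    return best if best is not None and counts[best]["echo"] > 0 else None

def ipv4(proto: int, payload: bytes, src="10.0.0.2", dst="10.0.0.1") -> bytes:
    """Build a constructed IPv4 packet (checksum left at 0) for the sample data."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto,
                       0, socket.inet_aton(src), socket.inet_aton(dst)) + payload

# Constructed sample: interface names, addresses and payloads are made up.
ECHO = struct.pack("!BBHHH", 8, 0, 0, 1, 1) + b"abcdefgh"
SAMPLE = {
    "Physical NIC": [ipv4(ESP, b"\x00\x00\x10\x01" + bytes(28)),
                     ipv4(UDP, struct.pack("!HHHH", 4500, 4500, 40, 0) + bytes(32))],
    "VPN virtual adapter": [ipv4(ICMP, ECHO), ipv4(ICMP, b"\x00" + ECHO[1:])],
}

if __name__ == "__main__":
    print(summarize(SAMPLE), "->", pick_interface(SAMPLE))
```

An interface that reports only "tunnel" packets while the ping is running is the encrypted side of the VPN, which is the situation slide 3 describes.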
