![]() ![]() Similar you can define a filter for a UDP communication. If you want to display only packets of a TCP connection sent from port 80 of one side and to port 80 of the other side you can use this display filter: tcp.srcport80 & tcp.dstport80. If the router is linux-based, you may run tcpdump on it, saving the capture to a file and download the file for opening in Wireshark on your PC, or pipe it to the PC if storage space is small (see other Questions on this site for a howto).įor capturing at one of the devices involved in the captured communication (the router) one way or another, it is not important whether your PC's VPN interface shares a subnet with the captured devices' interfaces or not. Two protocols on top of IP have ports TCP and UDP. It may also be possible to run a capture directly on the router and let it store it into a file (many of them allow this, albeit most of them have storage space limitation so you can only capture short periods of time) or, instead, to send you a copy of the traffic matching a capture filter encapsulated into UDP packets with a special header (this is what e.g. If, however, both your PC's VPN address and the two remote devices are in 10.11.0.0/16 subnet, your chances are higher if you can convince the virtual switch at the remote end to send a copy of the traffic between the two devices to your VPN interface's virtual MAC address. In this case, your chances for direct capture are very low because there is a routing between the two subnets. I would like to see the traffic on the port that the 2 machines communicate on to see if we can determine what precipitates the drops. You haven't provided your topology, but I assume that your PC has a normal internet connection and a VPN interface which gets an address from the 10.11.7.0/24 subnet while the devices you wish to capture are in 10.11.27.0/24 subnet. 1 1 1 I am watching the traffic on a machine coming and going to a server, and we frequently have a dropped connection. That depends on what exactly means remote. You enter the capture filter into the Filter field of the Wireshark Capture Options dialog box, as shown in Figure 4.3, The Capture Options dialog box. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |