How to packet trace a VPN
After installing a VPN I tried to see if outbound traffic was actually encrypted.
When the VPN is activated, ifconfig shows a new interface "tun0:" so I ran a packet trace against tun0. The trace was started with...
sudo tcpdump -i tun0 -s 0 -w VPNActivetun0.dmp
...and then Mail was started. Once mail had connected to the mail servers the trace was stopped and then formatted with...
tcpdump -s 0 -n -e -X -r VPNActivetun0.dmp
...and it contains lots of clear text including email account passwords being transmitted.
What am I doing wrong ?
I've also see that I'm tracing gobs and gobs of non-Internet packets, to and from 10.?.?.?. Do you know how I can filter these out?
Presumably your local network is 10.x.x.x, otherwise you shouldn't see these at all.
However, that said, if your local network is 10.x.x.x then you cannot tell tcpdump to blindly ignore anything to/from 10.x.x.x because that will include the very traffic you're trying to trace.
The best solution is to tell tcpdump specifically which traffic you DO want to see, either via IP address or port number.
For example, if you're trying to see what (if any) SMTP traffic (port 25) is going to/from your machine:
<pre class=command>sudo tcpdump -i en1 port 25</pre>
To see traffic going to/from a specific IP address:
<pre class=command>sudo tcpdump -i en1 host 1.2.3.4</pre>
You can also use the keywords and and not to further refine what traffic to look for. e.g. to watch all non-http traffic going to 1.2.3.4:
<pre class=command>sudo tcpdump -i en1 host 1.2.3.4 and not port 80</pre>
Similar Messages
-
How to install packet tracer on mac os x 10.7.5
Hi, I nedd to install the cisco packet tracer on my mac
Hi everyone, I found this new version of Packet Tracer 6.0.1 and packaged native for mac, just unzip, mount the dmg and drag and drop to your Applications.
Greetings to everyone.
Please share: D
http://rafavg77.wordpress.com/2013/09/06/cisco-packet-tracer-6-0-1-para-mac-os-x / -
How to install cisco packet tracer on mac os x?
I do not know to start for installing the cisco packet tracer on mac os x. please teach me. I need to use packet tracer for my styding in the class room
Hi
download " PlayOnMac " Application ==> http://www.playonmac.com/en and then install "Cisco Packet Tracer"
Kind Regards -
I wanna install Cisco Packet Tracer 5.3 on my Mac and I follow the step (post 4) from this http://hintsforums.macworld.com/showthread.php?t=104077
I have successfuly install the Packet Tracer but the application always didn't show up. Is there anything that missing from the step or maybe there's additional step before or after installing?I had used PlayOnMac!
https://www.facebook.com/groups/packettracermac/?fref=ts -
Package Packet Tracer 6.0.1.exe for native for Mac OS X
Hello everyone, share a way to package Packet Tracer.exe possibly any .exe to a native app on Mac OS X with WineSkin.
You can download the Packet Tracer 6.0.1 for windows and WineSkin from here:
Download Packet Tacer 6.0.1
Download WineSkin
After download and install WineSkin is necessary to download certain Engines and Wrappers that allow you to run windows on mac and itself packaging libraries. The Engines that must install are:
WS9Wine1.5.27
WS9Wine1.5.2AMDSpeedHack
The Wrapper that we will use is:
WineSkin-2.5.12
For the following steps you can follow this tutorial video made by my
http://rafavg77.wordpress.com/2013/09/07/como-empaquetar-packet-tracer-exe-a-una -app-nativa-en-mac-os-x/
Any question or observation I am open to comments. Best regards.hi,
i have already followed all your instructions and after after many times, i was stuck at the same place.
i want to click the icon so that i can "install this software" but the dialog box opened and "Cisco Packet Tracer 6.0.1 can't be open"
i really hope you saw my message and please guide me on how to proceed.
thanks! -
How do split tunnelling in VPNs work?
How do split tunnelling in VPNs work?
The most visible issue is where the client's default gateway goes. In a full tunnel, it moves to the far side of the tunnel. In the split tunnel, it stays local. The security risk of split tunneling is that the client is providing a bridging path for outside malicious traffic to leak across the tunnel, with no influence from the far end's firewall and IDS. The performance risk of full tunnels is that 3rd party outside traffic not terminating at the organization on the far side still has to take the tunnel, which can add latency, limit throughput, or increase packet loss. The best designs require balancing the network layout, uplink sizing, and security posture in concert.
-- Jim Leinweber, WI State Lab of Hygiene -
Troubleshooting Public Servers with packet-trace.
Hi, I'm new to Cisco, I've tried googling my problem but cannot find anything.
I am trying to setup Public Servers and my config looks great, but it doesn't work. I tried to packet-trace my config and I get an ALLOW when I use the same port from my source, but if I try with a different port, I get a DROP. I can't find where I can tell it to use any port from the source. Did I missed something?
ASA5510, Firmware : 9.1, ASDM : 7.5
SAME SOURCE PORT (Port 88 to Port 88)
Result of the command: "packet-tracer input outside tcp 123.123.123.1 88 W.W.W.13 88 detailed"
Phase: 1
Type: UN-NAT
Subtype: static
Result: ALLOW
Config:
object network MYOFFICE-PVR-PRIVATE-IP
nat (inside,outside) static MYOFFICE-PVR-PUBLIC-IP
Additional Information:
NAT divert to egress interface inside
Untranslate W.W.W.13/88 to A.A.A.254/88
Phase: 2
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group outside_access_in in interface outside
access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_0 any object MYOFFICE-PVR-PRIVATE-IP
object-group service DM_INLINE_SERVICE_0
service-object object MYOFFICE-PVR-88
service-object object MYOFFICE-PVR-9000
Additional Information:
Forward Flow based lookup yields rule:
in id=0xacefb350, priority=13, domain=permit, deny=false
hits=3, user_data=0xaa490880, cs_id=0x0, use_real_addr, flags=0x0, protocol=6
src ip/id=0.0.0.0, mask=0.0.0.0, port=88, tag=0
dst ip/id=A.A.A.254, mask=255.255.255.255, port=88, tag=0, dscp=0x0
input_ifc=outside, output_ifc=any
Phase: 3
Type: NAT
Subtype: per-session
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0xaca012b8, priority=1, domain=nat-per-session, deny=true
hits=10478473, user_data=0x0, cs_id=0x0, reverse, use_real_addr, flags=0x0, protocol=6
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=any, output_ifc=any
Phase: 4
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0xace37850, priority=0, domain=inspect-ip-options, deny=true
hits=7278021, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=outside, output_ifc=any
Phase: 5
Type: INSPECT
Subtype: np-inspect
Result: ALLOW
Config:
class-map class-default
match any
policy-map global_policy
class class-default
inspect icmp
service-policy global_policy global
Additional Information:
Forward Flow based lookup yields rule:
in id=0xad53bef0, priority=70, domain=inspect-icmp, deny=false
hits=214393, user_data=0xad53b418, cs_id=0x0, use_real_addr, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=outside, output_ifc=any
Phase: 6
Type: VPN
Subtype: ipsec-tunnel-flow
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0xad4981d0, priority=13, domain=ipsec-tunnel-flow, deny=true
hits=65468, user_data=0x0, cs_id=0x0, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=outside, output_ifc=any
Phase: 7
Type: NAT
Subtype: rpf-check
Result: ALLOW
Config:
nat (inside,outside) source dynamic any interface
Additional Information:
Forward Flow based lookup yields rule:
out id=0xacef3c40, priority=6, domain=nat-reverse, deny=false
hits=4577, user_data=0xacef2a38, cs_id=0x0, use_real_addr, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=outside, output_ifc=inside
Phase: 8
Type: NAT
Subtype: per-session
Result: ALLOW
Config:
Additional Information:
Reverse Flow based lookup yields rule:
in id=0xaca012b8, priority=1, domain=nat-per-session, deny=true
hits=10478475, user_data=0x0, cs_id=0x0, reverse, use_real_addr, flags=0x0, protocol=6
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=any, output_ifc=any
Phase: 9
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Reverse Flow based lookup yields rule:
in id=0xace84c40, priority=0, domain=inspect-ip-options, deny=true
hits=6598652, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=inside, output_ifc=any
Phase: 10
Type: FLOW-CREATION
Subtype:
Result: ALLOW
Config:
Additional Information:
New flow created with id 6654364, packet dispatched to next module
Module information for forward flow ...
snp_fp_tracer_drop
snp_fp_inspect_ip_options
snp_fp_tcp_normalizer
snp_fp_inspect_icmp
snp_fp_translate
snp_fp_adjacency
snp_fp_fragment
snp_ifc_stat
Module information for reverse flow ...
snp_fp_tracer_drop
snp_fp_inspect_ip_options
snp_fp_translate
snp_fp_tcp_normalizer
snp_fp_inspect_icmp
snp_fp_adjacency
snp_fp_fragment
snp_ifc_stat
Result:
input-interface: outside
input-status: up
input-line-status: up
output-interface: inside
output-status: up
output-line-status: up
Action: allow
DIFFERENT SOURCE PORT (Port 6000 to Port 88)
Result of the command: "packet-tracer input outside tcp 123.123.123.1 6000 W.W.W.13 88 detailed"
Phase: 1
Type: UN-NAT
Subtype: static
Result: ALLOW
Config:
object network MYOFFICE-PVR-PRIVATE-IP
nat (inside,outside) static MYOFFICE-PVR-PUBLIC-IP
Additional Information:
NAT divert to egress interface inside
Untranslate W.W.W.13/88 to A.A.A.254/88
Phase: 2
Type: ACCESS-LIST
Subtype:
Result: DROP
Config:
Implicit Rule
Additional Information:
Forward Flow based lookup yields rule:
in id=0xacefccb0, priority=11, domain=permit, deny=true
hits=307712, user_data=0x5, cs_id=0x0, use_real_addr, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=outside, output_ifc=any
Result:
input-interface: outside
input-status: up
input-line-status: up
output-interface: inside
output-status: up
output-line-status: up
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured ruleNever mind, I got it
object service MYOFFICE-PVR-88
service tcp source range 1 65535 destination eq 88 -
Question: Packet Tracer Use
Hello, sorry if this is the wrong place to send a message but couldn't find a suitable email address.
I am at current in full time education studying for a degree in Computer Networks, on the final year. For my dissertation, i have chosen to investigate routing protocols (eigrp, RIPv2, OSPF etc).
Up until July 2013, i was part of the networking academy studying for the CCENT and CCNA qualifications, and as such have a copy of packet tracer.
What i would like to know, is if it is acceptable for me to use Packet Tracer to develop the network(s) for my dissertation and aid me in describing, analysing and comparing the different options for routing protocols?
ThanksWhat i would like to know, is if it is acceptable for me to use Packet Tracer to develop the network(s) for my dissertation and aid me in describing, analysing and comparing the different options for routing protocols?
C'mon, give the newbie/noobie a break!
You have no idea how difficult it is to cut-and-paste someone else's answer and pass it to your faculty advisor as your own. The mere act of posting their school work question(s) on the forum is wrought with difficulty and danger. This means that the OP has to stop playing his console game, get someone (maybe an out-of-work nuclear physicist from Chernobyl) to write the opening thread above before getting his sorry azz off the couch to post this in the esteemed Cisco Support Forum.
And to Neale's question, the answer is YES.
And Neale, if you want a more detailed response (2500 words) that will guarantee you an A+, I am willing to share you my publication (written by me, of course) for a small fee of 250 Bitcoins. Please don't waste time as some of your classmates have already made contact. I've already provided them with a short essay (1500) which contains lines from Homer's The Eliad and translated in Rihannsu. (Don't worry, neither your classmates, faculty advisor nor your professor/instructor will know. They'll all come to the same conclusion that the phrase could be the new "buzz word".) -
Packet Tracer 6.0 problem
How to open saved *.pka file on another PC? When I try I got message: "The file ... is not compatible for this version of Packet Tracer". I use version 6.0 on both PCs. Thank you.
It was a bug of version 6.0.1. Cisco says:
All NetAcad students using the student version of Cisco Packet Tracer (PT) 6.1 should upgrade to PT 6.1.1 as soon as possible. Version 6.1.1 contains an important fix to a bug and helps ensure the correct scoring of Packet Tracer Skills Assessments (PTSAs) in the CCNA Routing and Switching curriculum.
So I just upgraded my PT to version 6.1.1. -
Packet Trace or Call Flow for IP Softphone
I have been searching around for a while not finding any packet trace or call flow document on the IP softphone. Is there anything like this available ?
Regards,
MatFor Tracing the calls on IP softphone you can refer the following document. This document has the following section
Tracing the Cisco IP SoftPhone GUI Application - which explains how to setup
http://www.cisco.com/univercd/cc/td/doc/product/voice/c_ipphon/english/softphon/admin/ad_trbl.htm#1037447 -
Etherchannel in switch multilayer packet tracer
Hi experts this is my first post,
I´m practicing with SW multilayer in packet tracer, I´ve created a port-channel between 2 multilayer switches with the next commands
channel-group 1 mode desirable
but when i´m trying to assign an ip to this port channel with the command "no switchport" I can not do it and I´m getting this:
Switch(config)#int port-channel 1
Switch(config-if)#no switchport
% Incomplete command.
and also I get this message:
Switch(config-if-range)#no switchport
Command rejected (Port-channel): Either port is L2 and port-channel is L3, or vice-versa
Command rejected (Port-channel): Either port is L2 and port-channel is L3, or vice-versa
So my question is, how can I assign an ip address to a port channel in a multilayer switch in packet tracer? is it possible to do that in PT?
Thanks in advance may be I´m doing something wrong.I just did this same setup in Packet Tracer 6.1.1 and it appears to work.
Default the configurations in each of your existing links, set the individual links as "no switchport" first, then place them into a port-channel, then enter into the port-channel interface and set the IP address.
interface Port-channel 1
no switchport
ip address 10.10.1.1 255.255.255.0
interface FastEthernet0/1
no switchport
channel-group 1 mode desirable
no ip address
duplex auto
speed auto
interface FastEthernet0/2
no switchport
channel-group 1 mode desirable
no ip address
duplex auto
speed auto
Hope that helps. -
Configure the dynamic vlan using packet tracer
How can i configure the dynamic vlan using packet tracer?
Posted by WebUser Amienudin Alam Syah Husein from Cisco Support Community AppI guess this forum platform has been misconfigured, questions coming from the mysterious Web User on various R&S topics keep ending up here.
Let's flood their forum with some tricky CC related questions, in return!
Sent from Cisco Technical Support iPad App -
How can I set up VPN in Iphone 4s
How can I set up VPN in Iphone 4s? Can anyone help me out to set up any VPN proxy in iphone 4s? which proxy is working to access restricted sites? And explain how to set it up.. Thanks..
Download the VPN express app and follow the instructions
-
How to follow/trace an event in Xcode
How do you trace a Cocao event/message? For example, how do you follow a touch event on a UITableView cell on the iPhone screen up to the tabbleView:didSelectRowAtIndexPath: callback of a UITableViewController based class?
If I put a breakpoint in the tabbleView:didSelectRowAtIndexPath: callback I can see a call stack. How can I put breakpoint within the Cocoa/Core/Library stuff ? It seems like I can only see source code for either bottom end ( int main(int argc, char *argv[]) or top end ( didSelectRowAtIndexPath ... ) It does not seem possible to put a breakpoint on th Cocoa/core/library functions in in between.
I did figured out I could add breakpoints for something like the global 'sendEvent' but that is quite low level and still pretty far from an actual target object. How can I trace objects in between?OOPS!!
I posted my question in the wrong community -
so i was walkin in the woods and somehow i droped it. its not conected to the internet. i know because i checked icloud. when i walked around to look for it i used a friends phone to call it so it would ring, but it went straight to voice mail.
So, how can i trace it? and if i cant, can i take all the data, such as pictures from my old phone onto a new one?if you installed find my iphone app on it you can do these things from icloud if it's online
if not you can't do anything
Maybe you are looking for
-
Can I revert to Lion from Mountain Lion from Time Machine?
I rushed and downloaded/installed Mountain Lion yesterday, but it's quite buggy for me. This is the first time that I upgrade and am having issues - for instance, the MacBook Pro crashes every time I close the MacBook to put it to sleep - when I open
-
My iPod Touch 5th Gen is not showing up on iTunes
How can i get my iPod to show in the itunes store on my pc?
-
Question regarding 3-D stacked bar chart
Hi All, I'm creating a report that has a view of a horizontal stacked bar chart. I was wondering if there's a way to portray that stacked bar chart as a 100% stacked bar chart like in ms excel? Thanks, Wayne
-
Hi, I just bught creative cloud system, but I need run some programs in My Laptop, The test time was expired, I sopouse that i could run any app with my adobe ID, fireworks for example need serial ID to run. Thanks!
-
I selected 20 songs to download this morning using the iTunes store and my WiFi connection at home. I've downloaded over 100 in the past week with no problem. Today none of the songs would complete their download and I got an error message and I quot