NAT32 Software Router Support Forum

Full Version: How to trace VPN traffic with Wireshark
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Wireshark can accept data in pcap format from its standard input device (stdin).

NAT32 has the ability to launch Wireshark with its stdin device attached to a NAT32 pipe device. NAT32 can then pass all packets seen on any network interface, including RAS Client and Server interfaces, to the pipe for subsequent display within Wireshark.

The entire procedure can be controlled by accessing this page within NAT32: WSTRACE

[Image: wireshark.jpg]

The HELP page explains the technique in more detail.

NAT32 also has the ability to start a FritzBox trace and send the trace data to Wireshark.

[Image: fbtrace.jpg]

This feature can be controlled by accessing this page within NAT32: FBTRACE

Note that all tracing takes place in real time and can be paused and resumed by clicking buttons on the above pages. In addition, the trace interfaces can also be set and reset as needed, all without actually stopping the running Wireshark trace.

Finally, this solution enhances Wireshark because it allows tracing on interfaces to which Wireshark normally has no access (e.g. VPN connections, Incoming connections and FritzBox interfaces).