[f-nsp] LDAPS debuging
Mike Lott
lists.accounts at gmail.com
Fri Jun 20 10:15:28 EDT 2008
Hi Oliver
> What type of traffic are you trying to debug? Is it traffic which is
> using SSL acceleration at the ServerIron or is it something else?
SSL termination is on the SI (there is no proxing to backend real
servers). I'd like to be able to view the transactions as the SSL
sessions are set up. Am I going about this the wrong way?
Mike
On 20 Jun 2008, at 15:03, Oliver Adam wrote:
> What type of traffic are you trying to debug? Is it traffic which is
> using SSL acceleration at the ServerIron or is it something else?
> The command below is for SSL accelerated traffic only.
>
> R, Oliver
>
> At 12:48 20.06.2008, Mike Lott wrote:
>> Hi Oliver
>>
>> Thanks for the reply.
>>
>> I've tried the following commands, but when I make HTTPS connections
>> or LDAPS connections to the ServerIron, nothing is output to the
>> console, but my HTTPS sessions are fine (in that they complete):
>>
>> 1/1#wsm dm ssldump filter 1 spa 10.0.1.160 (my IP)
>> 1/1#wsm dm ssldump mode detail
>> 1/1#wsm dm ssldump both
>>
>> I've verified that the active BP is in slot 1 and we only have WSM
>> modules with one processor. I'd expect to see something being written
>> out as there are a number of active SSL connections at the time from
>> my IP address.
>>
>> We are currently using 09.5.02cTD2.
>>
>> Thanks,
>>
>> Mike
>>
>> On 20 Jun 2008, at 08:23, Oliver wrote:
>>
>>> Have you checked rconsole commands like
>>>
>>> wsm dm ssldump bried
>>> wsm dm ssldump detailed
>>> wsm dm ssldump decrypt
>>>
>>> and some others? Have a look at the Security Guide of TrafficWorks
>>> 10.2.01 or 10.2.00...
>>>
>>> You have to move to the correct processor first of all (rconsole x
>>> y).
>>>
>>> X = slot
>>> Y = processor
>>>
>>> R, Oliver
>>>
>>>
>>>
>>> At 09:06 20.06.2008, Mike Lott wrote:
>>>> on the ServerIron before moving my
>>>> eyes to the backend servers. Any clues?
>
>
More information about the foundry-nsp
mailing list