[f-nsp] LDAPS debuging

Mike Lott lists.accounts at gmail.com
Fri Jun 27 05:15:30 EDT 2008


Hi

Thanks both for your input.

I ended up compiling ssldump on the test machine, running an ssh  
session to it, and monitoring the login process that way.

I am, however, now intrigued as to why I wasn't getting any SSL debug  
output from the WSM...

Mike

On 20 Jun 2008, at 16:49, Wouter Prins wrote:

> Make a mirrorport and setup wireshark with the private key you  
> imported on
> the SI to view what's going on?
>
> -----Original Message-----
> From: foundry-nsp-bounces at puck.nether.net
> [mailto:foundry-nsp-bounces at puck.nether.net] On Behalf Of Mike Lott
> Sent: Friday, June 20, 2008 4:15 PM
> To: foundry-nsp at puck.nether.net
> Subject: Re: [f-nsp] LDAPS debuging
>
> Hi Oliver
>
>> What type of traffic are you trying to debug? Is it traffic which is
>> using SSL acceleration at the ServerIron or is it something else?
>
> SSL termination is on the SI (there is no proxing to backend real
> servers). I'd like to be able to view the transactions as the SSL
> sessions are set up. Am I going about this the wrong way?
>
> Mike
>
> On 20 Jun 2008, at 15:03, Oliver Adam wrote:
>
>> What type of traffic are you trying to debug? Is it traffic which is
>> using SSL acceleration at the ServerIron or is it something else?
>> The command below is for SSL accelerated traffic only.
>>
>> R, Oliver
>>
>> At 12:48 20.06.2008, Mike Lott wrote:
>>> Hi Oliver
>>>
>>> Thanks for the reply.
>>>
>>> I've tried the following commands, but when I make HTTPS connections
>>> or LDAPS connections to the ServerIron, nothing is output to the
>>> console, but my HTTPS sessions are fine (in that they complete):
>>>
>>> 1/1#wsm dm ssldump filter 1 spa 10.0.1.160 (my IP)
>>> 1/1#wsm dm ssldump mode detail
>>> 1/1#wsm dm ssldump both
>>>
>>> I've verified that the active BP is in slot 1 and we only have WSM
>>> modules with one processor. I'd expect to see something being  
>>> written
>>> out as there are a number of active SSL connections at the time from
>>> my IP address.
>>>
>>> We are currently using 09.5.02cTD2.
>>>
>>> Thanks,
>>>
>>> Mike
>>>
>>> On 20 Jun 2008, at 08:23, Oliver wrote:
>>>
>>>> Have you checked rconsole commands like
>>>>
>>>> wsm dm ssldump bried
>>>> wsm dm ssldump detailed
>>>> wsm dm ssldump decrypt
>>>>
>>>> and some others? Have a look at the Security Guide of TrafficWorks
>>>> 10.2.01 or 10.2.00...
>>>>
>>>> You have to move to the correct processor first of all (rconsole x
>>>> y).
>>>>
>>>> X = slot
>>>> Y = processor
>>>>
>>>> R, Oliver
>>>>
>>>>
>>>>
>>>> At 09:06 20.06.2008, Mike Lott wrote:
>>>>> on the ServerIron before moving my
>>>>> eyes to the backend servers. Any clues?
>>
>>
>
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp
>




More information about the foundry-nsp mailing list