[f-nsp] LDAPS debuging
Oliver Adam
oadam at madao.de
Fri Jun 27 09:46:48 EDT 2008
You have mentioned the sessions got terminated at the SI. Looking at
your email below you have said: using ssldump on a test maschine.
Using ssldump on a test machine should not help you in case SSL
traffic is getting terminated at the SI. The big Q is what type of
traffic are you talking about? Who is doing the SSL termination? Is
it a WSM-SSL or a SRVC-SSL module...
R, Oliver
At 11:15 27.06.2008, Mike Lott wrote:
>Hi
>
>Thanks both for your input.
>
>I ended up compiling ssldump on the test machine, running an ssh
>session to it, and monitoring the login process that way.
>
>I am, however, now intrigued as to why I wasn't getting any SSL debug
>output from the WSM...
>
>Mike
>
>On 20 Jun 2008, at 16:49, Wouter Prins wrote:
>
>>Make a mirrorport and setup wireshark with the private key you
>>imported on
>>the SI to view what's going on?
>>
>>-----Original Message-----
>>From: foundry-nsp-bounces at puck.nether.net
>>[mailto:foundry-nsp-bounces at puck.nether.net] On Behalf Of Mike Lott
>>Sent: Friday, June 20, 2008 4:15 PM
>>To: foundry-nsp at puck.nether.net
>>Subject: Re: [f-nsp] LDAPS debuging
>>
>>Hi Oliver
>>
>>>What type of traffic are you trying to debug? Is it traffic which is
>>>using SSL acceleration at the ServerIron or is it something else?
>>
>>SSL termination is on the SI (there is no proxing to backend real
>>servers). I'd like to be able to view the transactions as the SSL
>>sessions are set up. Am I going about this the wrong way?
>>
>>Mike
>>
>>On 20 Jun 2008, at 15:03, Oliver Adam wrote:
>>
>>>What type of traffic are you trying to debug? Is it traffic which is
>>>using SSL acceleration at the ServerIron or is it something else?
>>>The command below is for SSL accelerated traffic only.
>>>
>>>R, Oliver
>>>
>>>At 12:48 20.06.2008, Mike Lott wrote:
>>>>Hi Oliver
>>>>
>>>>Thanks for the reply.
>>>>
>>>>I've tried the following commands, but when I make HTTPS connections
>>>>or LDAPS connections to the ServerIron, nothing is output to the
>>>>console, but my HTTPS sessions are fine (in that they complete):
>>>>
>>>>1/1#wsm dm ssldump filter 1 spa 10.0.1.160 (my IP)
>>>>1/1#wsm dm ssldump mode detail
>>>>1/1#wsm dm ssldump both
>>>>
>>>>I've verified that the active BP is in slot 1 and we only have WSM
>>>>modules with one processor. I'd expect to see something being
>>>>written
>>>>out as there are a number of active SSL connections at the time from
>>>>my IP address.
>>>>
>>>>We are currently using 09.5.02cTD2.
>>>>
>>>>Thanks,
>>>>
>>>>Mike
>>>>
>>>>On 20 Jun 2008, at 08:23, Oliver wrote:
>>>>
>>>>>Have you checked rconsole commands like
>>>>>
>>>>>wsm dm ssldump bried
>>>>>wsm dm ssldump detailed
>>>>>wsm dm ssldump decrypt
>>>>>
>>>>>and some others? Have a look at the Security Guide of TrafficWorks
>>>>>10.2.01 or 10.2.00...
>>>>>
>>>>>You have to move to the correct processor first of all (rconsole x
>>>>>y).
>>>>>
>>>>>X = slot
>>>>>Y = processor
>>>>>
>>>>>R, Oliver
>>>>>
>>>>>
>>>>>
>>>>>At 09:06 20.06.2008, Mike Lott wrote:
>>>>>>on the ServerIron before moving my
>>>>>>eyes to the backend servers. Any clues?
>>>
>>
>>_______________________________________________
>>foundry-nsp mailing list
>>foundry-nsp at puck.nether.net
>>http://puck.nether.net/mailman/listinfo/foundry-nsp
More information about the foundry-nsp
mailing list