Wireshark-users: [Wireshark-users] openvpn and packet sniffing

From: Bill Fassler <bill.fassler@xxxxxxxxx>
Date: Fri, 8 Dec 2006 14:57:47 -0800 (PST)

I have tried both suggestions for me to view the RTP/SIP/SDP traffic contained in the UDP packets travelling through an OpenVPN tunnel.  Neither worked for this reason: The payload of the UDP packets do indeed contain such traffic as RTP SIP etc as appropriate, but they are all preceeded by a tunneling protocol.  In my case it appears to be PPP.  I can not use "Decode as" because in the transport options PPP is not listed.  This is unfortunate because obviously there are dissectors or plugins in the Wireshark software that will do the trick but I don't seem to have them available to dissect the protocol when it is in the payload instead of the link layer.   I am trying to confirm that the protocol is indeed PPP.  In the mean time is there anyway to add more options to the decode as within the transport layer?

Bill

---

Check out the all-new Yahoo! Mail beta - Fire up a more powerful email and get things done faster.