Ethereal-users: Re: [Ethereal-users] Sniffing local Cisco VPN client packets(Problems)

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Guy Harris" <gharris@xxxxxxxxx>
Date: Thu, 28 Jul 2005 18:02:55 -0700 (PDT)

ethereal@xxxxxxxxxxxxxxxxx wrote:
> I am using Cisco VPN Client 4.6 to connect to my remote network using
> IPsec.  I was trying to sniff my network interface over which the tunnel
> sends and receives traffic but I receive no entries in ethereal for that
> interface.  Is my VPN using protocols that ethereal does not understand
> so it does not list the traffic?

No.

Ethereal will list all packets it sees, even if it doesn't understand all
the protocol layers.  "Ethereal doesn't understand the protocol in those
packets" isn't a reason why some packets wouldn't be displayed in
Ethereal; it's just a reason why details for all protocol layers in the
packets wouldn't be shown.

There might be some issue with the way the Cisco VPN Client software plugs
into your networking stack that causes whatever mechanism is being used
for capturing not to see the traffic.  On what OS are you running this? 
(If it's Windows, you should probably ask the winpcap-users@xxxxxxxxxxx
mailing list.  If it's Linux, you'd probably have to ask Cisco; if it's
Mac OS X, I'd *love* to know how they could manage to bypass BPF....)