Create pcap of Client to Client traffic from Server

[smrtz]

Heyo!

I've got a server with two clients connected, each client connects 2 LANs to the VPN using a few routes and iroutes, and I'm currently sending traffic between client1 LAN2 and client2 LAN1, and I'd like to get a pcap of that traffic using the server. Normally I'd just use TCPDump but that won't work here obviously. Is there a debug flag or config option I can enable to log the packets being routed by OpenVPN and not being passed to the kernel?

Thanks!

[TinCanTech]

Normally I'd just use TCPDump but that won't work here obviously

Why not ?

[smrtz]

OpenVPN doesn't send the packets to the kernel before routing them back out another client, so running TCPDump on the server doesn't show the data flowing from client1 through the server to client2.

[Pippin]

If you use --client-to-client, packets are not exposed to kernel.
Disable it and capture on the tun interface.
https://community.openvpn.net/openvpn/w ... acketsFlow

[smrtz]

If you use --client-to-client, packets are not exposed to kernel.
Disable it and capture on the tun interface.
https://community.openvpn.net/openvpn/w ... acketsFlow

Will I have to add any static routes on the server/clients, or will the routes/iroutes in the openvpn config be handed to the OS?

[Pippin]

You have not shared configs but it seems LAN-to-LAN is working.
I would expect it to continue working unless the (server)firewall is in the way.

[smrtz]

Interesting, thanks for the help! I thought client-to-client was required for clients to communicate _at all_, not just without using the server kernel. I'll try that on Monday and report back!