flowcas.blogg.se

Tcpdump wireshark setup









The option you need to select when installing Wireshark is 'Sshdump and Ciscodump', and this will show up as two additional interfaces when you start Wireshark. Note: there are options in a standard install for capturing from 'Remote Interfaces', but this is not the same as the SSH Capture Interface. In order to use Wireshark's remote packet capture using SSH, the option needs to be selected when Wireshark is first installed.


Note: The UDM Pro does have an option for setting an SSH username and password under the new settings menu, 'NETWORK SETTINGS'/'Device Authentication', but this only applies to connecting via SSH to switches and APs. These credentials do not work when connecting to the UDM Pro itself.


My UDM Pro WAN port is PPPoE connected to a Draytek Vigor 130 modem in bridge mode, which in turn is connected to the BT Infinity service. My BT Infinity username and password is held in the UDM Pro. In order to capture directly to Wireshark, the UDM Pro needs to have SSH enabled. This can be done through the unifi.ui.com portal for your device. Once the password has been set, test that SSH works to the UDM Pro by opening a session using PuTTY (I am using version 0.73).


I thought it might be useful for people to see how I set up my system so that I could capture the UDM Pro WAN side traffic directly into Wireshark. This is so useful because you can see exactly what tries to enter and leave your network before it is handled by any firewall rules, or check that port forwarding is working correctly, etc. For background, I am using a UDM Pro Controller Version 5.13.30 and Firmware 1.7.2 and Wireshark version 3.2.5 running on a Windows 10 Pro PC.










