Capturing Packets on a Linux Server

Use the command:

tcpdump -l | grep isakmp

This displays all packets passing through the TCP/IP stack on the Linux server, pipes the output to the “grep” command, and ends up displaying only the packets related to “isakmp”, the key exchange used when attempting to establish an IPsec PSK VPN connection.  The -l option makes tcpdump line-buffer its output, so matching lines reach grep as they are captured instead of when the buffer fills.  Use other strings after ‘grep’ to find other types of packets.  Or, leave off the pipe and grep if you want to drink from a firehose. 🙂
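As an added example (not part of the original post), the same filtered output can be summarised per sender, so a peer that keeps retrying phase 1 and never reaches phase 2 stands out. The function names `sample_capture` and `isakmp_summary` are hypothetical, and the sample lines are constructed in the layout `tcpdump -n` prints for IKEv1, using documentation addresses.

```shell
#!/bin/sh
# Added example: summarise ISAKMP lines from tcpdump text output per sender.
# Live use (needs root):
#   tcpdump -l -n 'udp port 500 or udp port 4500' | isakmp_summary

# Constructed sample lines; the addresses are documentation ranges, not real hosts.
sample_capture() {
cat <<'EOF'
12:00:01.100000 IP 192.0.2.10.500 > 198.51.100.1.500: isakmp: phase 1 I ident
12:00:01.150000 IP 198.51.100.1.500 > 192.0.2.10.500: isakmp: phase 1 R ident
12:00:01.200000 IP 192.0.2.10.500 > 198.51.100.1.500: isakmp: phase 1 I ident[E]
12:00:01.300000 IP 192.0.2.10.500 > 198.51.100.1.500: isakmp: phase 2/others I oakley-quick[E]
12:00:02.000000 IP 203.0.113.7.500 > 198.51.100.1.500: isakmp: phase 1 I ident
12:00:03.000000 IP 192.0.2.10.53211 > 198.51.100.1.53: 4242+ A? example.com. (29)
12:00:12.000000 IP 203.0.113.7.500 > 198.51.100.1.500: isakmp: phase 1 I ident
EOF
}

# Reads tcpdump lines on stdin and prints "sender phase1=N phase2=M" for each
# sender, sorted. A sender with phase2=0 never got past the key exchange.
isakmp_summary() {
    awk '
    / isakmp: phase / {
        src = $3
        sub(/\.[0-9a-z-]+$/, "", src)   # drop the trailing ".port"
        ph = ""
        for (i = 1; i < NF; i++)        # phase number follows the word "phase"
            if ($i == "phase") { ph = substr($(i + 1), 1, 1); break }
        if (ph == "1") p1[src]++; else p2[src]++
        seen[src] = 1
    }
    END {
        for (s in seen)
            printf "%s phase1=%d phase2=%d\n", s, p1[s], p2[s]
    }' | sort
}

# Run the summary over the constructed sample.
sample_capture | isakmp_summary
```

In the sample, 203.0.113.7 sends two phase 1 packets ten seconds apart and gets no further, which is the pattern a retransmitting initiator with no reply leaves behind.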

Posted via email from Aaron Johnstone