Burton, OK, that's one way to go....
Just anonther question: The traffic ntop shows under "other" is this really all other traffic? We have a second VPN running on Microsoft RRAS, this traffic appears on "other"... Or the other way round: is the sum of what I see on ntop's traffic pages really the sum of all traffic on the wire? I'm aware of the hub/switch problem, we have ntop running on a hub... Is there anything which isn't counted at all? Thanks Thomas Pagel Senior Consultant Business Intelligence Software4You Planungssysteme GmbH Niederlassung Paderborn Hauptstra�e 35 33178 Borchen (Germany) tel.: +49 (5251) 54009-11 mob.: +49 (172) 8423035 fax.: +49 (5251) 54009-99 home: http://www.software4you.com 4PLAN� - The Art of Budgeting. Disclaimer: This email may contain confidential and proprietary material for the sole use of the intended recipient. Any review or distribution by others is prohibited. If you are not the intended recipient please contact the sender and delete all copies. -----Urspr�ngliche Nachricht----- Von: Burton M. Strauss III [mailto:[EMAIL PROTECTED] Gesendet: Montag, 8. September 2003 22:01 An: [EMAIL PROTECTED] Betreff: RE: [Ntop] Protocolls not recognized by ntop Not a clue. The problem, of course, with a VPN is that you either sample INSIDE the security perimeter, where upon the VPN is irrelevant, or you sample OUTSIDE, and everything is opaque. You see GB of traffic and no clue what's in it. How about applying basic diagnostic techniques here? Hub the output port so you see the traffic and (using an unnumbered interface Linux box or some such), use ethereal or tcpdump to grab the packets that AREN'T IPSec. Something like (I *think*) tcpdump -i xxxxx -e -X "! ip proto 50" or similar... Should show you what ELSE is going on outside the watchguard. Otherwise, you should probably contact tech support for the gizmo you bought... -----Burton -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Thomas Pagel Sent: Monday, September 08, 2003 10:56 AM To: [EMAIL PROTECTED] Subject: [Ntop] Protocolls not recognized by ntop Hi, Perhaps a little bit off-topic....We have a new VPN running using a Watchguard SoHo-Box... We're monitoring our traffic on the router with MRTG and see a permanent "noise" on the line after we plugged the box in... But we don't see any significant traffic with ntop, just a little bit on IPSEC.... I guess I have to enable other protocols, but which and how? Thanks, Thomas Pagel Senior Consultant Business Intelligence Software4You Planungssysteme GmbH Niederlassung Paderborn Hauptstra�e 35 33178 Borchen (Germany) tel.: +49 (5251) 54009-11 mob.: +49 (172) 8423035 fax.: +49 (5251) 54009-99 home: http://www.software4you.com <http://www.software4you.com/> 4PLAN� - The Art of Budgeting. Disclaimer: This email may contain confidential and proprietary material for the sole use of the intended recipient. Any review or distribution by others is prohibited. If you are not the intended recipient please contact the sender and delete all copies. _______________________________________________ Ntop mailing list [EMAIL PROTECTED] http://listgateway.unipi.it/mailman/listinfo/ntop _______________________________________________ Ntop mailing list [EMAIL PROTECTED] http://listgateway.unipi.it/mailman/listinfo/ntop _______________________________________________ Ntop mailing list [EMAIL PROTECTED] http://listgateway.unipi.it/mailman/listinfo/ntop
