Analyzing OpenVPN traffic by using tcpdump

The low-level networking tool tcpdump, or its GUI equivalent Wireshark, is a last resort tool for troubleshooting network issues and network performance. In this section, we will walk through the process of capturing and analyzing the encrypted network traffic produced by OpenVPN.

First, we set up our standard OpenVPN network using the basic-udp configuration files. On the client, there is also a web server running. We will use the wget command on the server side to retrieve a file from the web server so that we can look at the resulting network traffic.

We run tcpdump on the Ethernet interface and capture the network traffic while doing a wget outside the tunnel:

wget -O /dev/null https://CLIENT-IP/test1 ...

Get Mastering OpenVPN now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.