The low-level networking tool
tcpdump, or its GUI equivalent Wireshark, is a last resort tool for troubleshooting network issues and network performance. In this section, we will walk through the process of capturing and analyzing the encrypted network traffic produced by OpenVPN.
First, we set up our standard OpenVPN network using the
basic-udp configuration files. On the client, there is also a web server running. We will use the
wget command on the server side to retrieve a file from the web server so that we can look at the resulting network traffic.
tcpdump on the Ethernet interface and capture the network traffic while doing a
wget outside the tunnel:
wget -O /dev/null https://CLIENT-IP/test1
tcpdump output is as follows (modified for the sake of clarity):