| View previous topic :: View next topic |
| Author |
Message |
shuurai
n00b
Joined: 21 May 2013
Posts: 8
|
 Posted: Mon Mar 17, 2014 4:40 pm Post subject: How to monitor a changed connection between CPE's |
 |
|
Hello everyone,
I have a question to the following scenario:
We have a network with a lot of VPN connection from a dtedicated location to different locations.
The WAN connection might change to a backup ISDN connection.
I am not able to read the snmp trap from the CPE's.
This way I do not know when this happens.
Furthermore the Firewalls do not recognize this and the VPN tunnel is always open.
My question is how can I determine that the connection switch to the backup one?
I know that VOIP connections will not work with the backup line.
So my idea is to sniff the network of the dedicated location and look for VOIP protocolls.
If one of the IP's (locations) do not have any VOIP communications at all I could implicate that the connection to this locations switched to a backup line. (?)
I would appreciate any informations/help you could give me.
Best regards
shuurai
_________________
Still ermerging...
Last edited by shuurai on Tue Mar 25, 2014 6:48 pm; edited 1 time in total |
|
| Back to top |
|
 |
eccerr0r
Watchman
Joined: 01 Jul 2004
Posts: 9677
Location: almost Mile High in the USA
|
| Posted: Mon Mar 17, 2014 11:41 pm Post subject: |
|
|
If you can't poll the routing equipment, you could write a script that pulls in either traceroute information (if the network equipment forwards ICMPs) or checks a website that prints your IP address and note that address. Scripting a VOIP call I'm not sure about, but likely you will still need to have an external site of some sort to see if inbound connections work. Either way it sounds like you have to poll.
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
| Back to top |
|
|
shuurai
n00b
Joined: 21 May 2013
Posts: 8
|
| Posted: Tue Mar 18, 2014 7:45 am Post subject: |
|
|
With thousands of connections a ping is definetly not an option.
_________________
Still ermerging... |
|
| Back to top |
|
|
khayyam
Watchman
Joined: 07 Jun 2012
Posts: 6227
Location: Room 101
|
| Posted: Tue Mar 18, 2014 11:25 am Post subject: |
|
|
shuurai ...
perhaps you're looking for something like net-analyzer/nagios (website).
HTH & best ... khay |
|
| Back to top |
|
|
shuurai
n00b
Joined: 21 May 2013
Posts: 8
|
| Posted: Mon Mar 24, 2014 7:52 am Post subject: |
|
|
Actually I thought about something like that khayyam.
But tbh I do not know how to filter the packets for my scenario.
Every help is greatly appreciated
_________________
Still ermerging... |
|
| Back to top |
|
|
shuurai
n00b
Joined: 21 May 2013
Posts: 8
|
| Posted: Tue Mar 25, 2014 10:13 am Post subject: |
|
|
Does anyone know a packet analyzer (like wireshark) that is able to store the captured packets into a *.txt file or similiar?
I want to be able to store the date into a SQL database.
_________________
Still ermerging... |
|
| Back to top |
|
|
shuurai
n00b
Joined: 21 May 2013
Posts: 8
|
| Posted: Tue Mar 25, 2014 6:46 pm Post subject: |
|
|
Wireshark does have a terminal application!
F.e. under windows open the cmd and
| Code: | | cd /Programmes/Wireshark |
.
use the command to show interfaces
after that | Code: | | tshark -i 1 -a duration:10 -w test |
The last command would capture all the packets on interface 1 which are on wire for 10 seconds and save them in the "test.pcap" file.
After that you can open this file and export it to XML.
Well and from here on you can start playing with SQL 
Actually this idea will not help me for my scenario at all LOL!
Anyway I hope this helps some1
so far
shuuraj
_________________
Still ermerging... |
|
| Back to top |
|
|
|
Networking & Security
