This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

how to recognize skinny message when decrypt ssl vpn

0

The scenario is that I use openconnect to connect cisco phone to cisco IOS's sslvpn server.

phone will be registered to the call manager and the call manager communicate with phone using skinny msg.

I already have the private key of the sslvpn server and use it in wireshark.

My wireshark's version is 1.6.5 My setting is that:

Preferences->Protocols->SSL

IP address is set to the sslvpn server's ip.

port is set to 443

Protocol is set to http

key is the location of the private key.

I found that I can see some http msg decrypted using this setting.(without the private key, the http msg can not be seen.)

But other msg is still "TLSv1 Application Data".(should be skinny msg)

I try to set to change ssl decrypt protocol from ”http“ to "skinny"

the error shows that "error in column 'Protocol': Could not find dissector for: 'skinny'"

I try to set "http" to "tcp" and there is some tcp.

So is there a way to decrypt these Application Data to right skinny msg?

Thanks for your help!

asked 15 Mar '12, 06:49

varvar's gravatar image

varvar
1112
accept rate: 0%