Capture broadcasting

  • Thread starter Thread starter Rob
  • Start date Start date
R

Rob

Hi,
I have 2 windows 2000 LANs that are connected via 2 Linux
based firewall/VPN. we are having problem with VPN
connection, the tunnel is going up and down, and I don't
have too much control of these Linux firewalls. I am
suspecting with a malfunctioned PC which may broadcasting
and block the tunnel. My question is, how can i use
Microsoft Network Monitor to capture these broadcasting
and find out source of this problem?
Thanks for any help-Rob
 
Hi Rob,

Thank you for your post.

If you want to monitor the network package to find out if the issue is
caused by the broadcasting, it better to monitor on the VPN server. However
you can still run network monitor on any Windows 2000 computer to check
broadcasting packet.

In Network Monitor, click start and then on the bottom panel, there will be
a summary list which outlined Network Address, bytes sent and broadcast
sent statistic. From the table, you can monitor the Broadcast Sent to see
if there is any abnormal information. Then you can display captured data to
find the packet from that MAC address, expand the packet to find out the IP
address of the sender.

Although you have not too much control on the VPN Server and although it is
a Linux computer, I can still provide you some suggestions on this issue:

1. If there is any log on the VPN Server such as VPN connection log or any
log as event log on Windows 2000 platform, it is the best information for
research.
2. Make sure that the VPN has not been set to disconnect after several
minutes' idle.

Then I suggest you use PPTP ping command to check if the correct VPN port
is open on the VPN/Firewall server.
For more information about PPTP ping, please refer to Windows 2000 support
tools. It includes Pptpclnt.exe and Pptpsrv.exe command.

You should do the following:

1. Run Pptpsrv.exe on a computer on site A. This does not have to be the
PPTP server.
2. Run Pptpclnt.exe [ServerNameorIPaddress] on site B.
3. When prompted by Pptpclnt.exe, type some text to send to Pptpsrv.exe,
and then click Enter. You see the text received at the host running
Pptpsrv.exe. You then see five GRE packets sent from Pptpclnt.exe and
received at Pptpsrv.exe.
4. Repeat steps 1-3, this time running Pptpsrv.exe on a host on site B and
Pptpclnt.exe on a host on site A. These can, of course, be the same hosts
you just used.

Please provide me with the output on both site A and site B for reference.
I will help you to check if the correct port has been opened. You can send
the file to my email address at (e-mail address removed).

For more information about the PPTP Ping tool please refer to Windows 2000
support tool help document. You can install the support tool from Windows
2000 installation CD, \support\tools folder.

If you have any concerns, please feel free to let me know.

Have a nice day.

Sincerely,

Charlie Li
MCSE/MCDBA/MCSA
Microsoft Partner Online Support


Get Secure! - www.microsoft.com/security

====================================================
When responding to posts, please "Reply to Group" via
your newsreader so
that others may learn and benefit from your issue.
====================================================
This posting is provided "AS IS" with no warranties, and
confers no rights.
 
Back
Top