On 19/11/2024 20:44, sergio wrote:
On 19/11/2024 19:49, Gert Doering wrote:
No.
I would like more details.
Not sure why, but in my setup wireshark detects P_DATA_V2 packets only
on tun connection and does not on tap. So it sounds like it's possible
to completely hide openvpn traffic. (Though possible wireshark is fooled
by 1195 port used for tap.)
What is shown in Wireshark depends on the dissector implementation -
nothing else.
It could well be that the dissector is activated by the 1194/UDP port.
If with TAP you are using 1195/UDP, it's possible that wireshark is
therefore missing it.
You can select the packets and force them being decoded with the OpenVPN
dissector (you may want to look in the wireshark doc about how do to it).
What Gert wanted to say is that OpenVPN per se has no option to
obfuscate its own traffic and make it undetectable.
You may want to try with external tools and pipe the openvpn traffic
through them.
Regards,
--
Antonio Quartulli
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
