Tcpdump with f5-- ssl flag

Question

hello,i am not able to cupture trafic with tcpdump --f5 ssl :[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config # tmsh modify sys db tcpdump.sslprovider value enable[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config # tmsh modify sys db log.ssl.level value Debug[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config #[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config #[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config #[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config # tcpdump -s0 -ni 0.0:nnnp -w /var/tmp/"$HOSTNAME"_working_"$(date +%d-%m-%y)".pcap --f5 ssl -vv host 105.65.6.7tcpdump: WARNING:&nbsp; The "ssl" option is disabled. The "ssl" option cannot be used in Common Criteria mode. Common Criteria mode is controlled by the DB variable security.commoncriteria.&nbsp;have you any idea please?

enes_afsin_al · Answer

Hi Hamza,
If "sys db security.commoncriteria" value is true, you will get this warning.
tmsh list sys db security.commoncriteria
You need to change the value to false. The change will require reboot.

Forum Discussion

Tcpdump with f5-- ssl flag

1 Reply

Recent Discussions

BigIP Next - Health Monitors / Template

LDAPS and renegotiation

Need advise to setup a policy on F5

Web acceleration

What are the different phases in DevOps?

Related Content

tcpdump 'h' noise amplifier

ltm log entries when starting and stopping tcpdump

tcpdump

tcpdump

bigip tcpdump of both sides