How to Capture Network Traffic Between vScope and a Target Machine for Troubleshooting

Authentication problems can occur between vScope and target systems being scanned. To determine if the problem is due to configuration or something in vScope you can help us by capturing the network traffic between vScope and the problematic system and send that log to us.

Let’s assume we want to capture all traffic between vScope and the target machine

  1. Install and start Wireshark on the same machine as vScope:
  2. In the filter field where it says ‘Apply a display filter’, enter the following filter:
    ip.addr ==

  3. Click the right arrow to the right of the filter field to apply the filter.
  4. Below the ‘Capture’ heading, select the network interface you want to capture traffic from. A hint for selecting the correct interface is to select the one which does not have a flat line illustrating traffic on the interface.
  5. Double click the selected interface to start the capture.
  6. Now perform the scan/test credential in vScope. Wireshark should capture the traffic and you should see entries (packets) filling up the table in Wireshark.
  7. When the scan/test credential is complete, stop the capture by clicking the red rectangle.
  8. Save the capture as a file by selecting File -> Save As…
  9. Send us the file for analysis

We will analyse the captured traffic to see if there is something not working correctly in the authentication sequence.

Leave a Reply