I am studying Cisco GETVPN or Group VPN that is called by the other vendors. The control plane protocol is using UDP port 848. Is there a protocol to decode it? Thanks! asked 25 Jun '17, 15:52  difan |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
A shot in the dark:
GETVPN is using GDOI (RFC6407) and ESP. GDOI itself is based on ISAKMP. As far as I know data packets are transmitted by ESP.
Have you tried to use 'Decode as' with ISAKMP for your UDP 848 data?