This one is more of a note to myself and something I google every time I need to debug connectivity issues.
When you want to get tcpdump
capture in a file and then look at it in Wireshark run the following command on the host you are trying to connect from (and of course change some.host
, XYZ
and some.file
with the values relevant to your case):
sudo tcpdump -i any -n host some.host and port XYZ -w some.file
Once you have some.file
locally just drop it in Wireshark. If you are using custom port (lets say 10443 instead of 443 for HTTPS) you may want to right click and choose to Decode As SSL.