Filter
Top Products
User Management
1112
SonicOS 5.8.1 Administrator Guide
Viewing SSO and LDAP Messages with Packet Monitor
In SonicOS Enhanced 5.6 and above, the Packet Monitor feature available on System >
Packet Monitor provides two checkboxes to enable capture of decrypted messages to and
from the SSO agent, and decrypted LDAP over TLS (LDAPS) messages.
In SonicOS Enhanced 5.5, this functionality was introduced in the Packet Capture feature
available on System > Packet Capture.
Capturing SSO Messages
To capture decrypted messages to or from the SSO authentication agent, perform the following
steps:
Step 1 Click the Configuration button in the System > Packet Monitor page
Step 2 Click the Advanced Monitor Filter tab
Step 3 Select the Monitor intermediate Packets checkbox.
Step 4 Select the Monitor intermediate decrypted Single Sign On agent messages checkbox.
Step 5 Click OK.
The packets will be marked with (sso) in the ingress/egress interface field. They will have
dummy Ethernet, TCP, and IP headers, so some values in these fields may not be correct.
This will enable decrypted SSO packets to be fed to the packet monitor, but any monitor filters
will still be applied to them.