Want simple way to check encrypted traffic WAN LAN

[chichow]

Forum

Just wanted to make sure that my off-site backups are fully encrypted. I have a NAS at home and a NAS off-site. Is there a quick and easy way within the Merlin firmware to tell that all traffic is going across encrypted? or do I need to install an additional package on the RT-AC88U router?

thanks!

 

[L&LD]

Your router cannot possibly 'know' if your offsite backups are encrypted.

How are you transferring your files? VPN? Http? FTP? Other?

I think a little more information is needed?

 

[chichow]

I have a Synology NAS at home. I have another Synology NAS off-site. Within the Snology backup scheme, there is an option to "Enable transfer encryption"

I suspect it is using SSH to encrypt the data traffic. I want to be able to confirm.

 

[Martin - SNBuser]

I have a Synology NAS at home. I have another Synology NAS off-site. Within the Snology backup scheme, there is an option to "Enable transfer encryption"

I suspect it is using SSH to encrypt the data traffic. I want to be able to confirm.

You must know how you connect to and transfer files to/from you NAS... FTP? FTP is unencrypted. NFS is generally unencrypted. SSHFS is encrypted. You decide how you transfer the files... I just googled: https://www.synology.com/en-us/knowledgebase/DSM/help/DSM/Tutorial/backup_backup - it seems you've enabled this: Enable transfer encryption (for remote backup only): Select to encrypt the backup data during the transfer to a remote destination (e.g. an rsync server or public cloud

I have a Synology NAS server, but I don't use this, so I don't really know if this "backup-routine" uses rsync or something else... I think you need a client program, for doing the backups, but I don't know if this program uses rsync or if you can choose how to transfer your files (that would make sense for me, then the backup client would run in the background and once in a while begin synchronizing)... I think this is maybe more relevant to ask in the synology forums, it does not have so much to do with your router, I think...

 

[chichow]

I know that I have made that setting change in Synology.

What I want to know if how I can verify using the ASUS Merlin that the traffic is indeed being encrypted.

So if I have something going from

Internal IP to external IP that I can see what ports the Internal IP is using and what protocol and perhaps packets.

 

[ColinTaylor]

You could try looking at System Log > Connections to see what ports are in use.

Just because something is using a particular port doesn't guarantee the type of traffic flowing over it though. For that you'll have to use something like wireshark.

 

[chichow]

Ok. So I have an ASUS RT-AC88U

I can put wireshark on one of my local laptops.

What do I need to do on ASUS Merlin to put one of the ports in some sort of port mirroring mode?

Thanks much

 

[ColinTaylor]

The Asus doesn't have any built-in port mirroring. You might be able to use to following commands to mirror WAN traffic to another client (i.e. 192.168.1.55).

iptables -t mangle -A PREROUTING  -j ROUTE --tee --gw 192.168.1.55
iptables -t mangle -A POSTROUTING -j ROUTE --tee --gw 192.168.1.55

 

[chichow]

so just SSH into the Asus. Run the mangle command to the local IP. And then run wireshark on that local IP?

So then that wireshark local IP will see all WAN traffic and I can filter within wireshark to confirm ports and encrypted traffic?

Thanks much btw.

 

[Martin - SNBuser]

so just SSH into the Asus. Run the mangle command to the local IP. And then run wireshark on that local IP?

So then that wireshark local IP will see all WAN traffic and I can filter within wireshark to confirm ports and encrypted traffic?

Thanks much btw.

I think you can install tcpdump with entware on your router. And then directly make the capture on the router. Then when done, move the capture-file to your laptop with wireshark.