Hidden TCPdump and ETHtool on VMware UAG

VMware UAG (Unified Access Gateway) is a cool little security appliance, deployable on vSphere, AWS, Azure etc that hosts a lot of Workspace ONE edge services: Horizon Proxy, Web Reverse Proxy, Tunnel VPN Gateway, Content Gateway and (since 3.6) the Secure Email Gateway. The challenge is that the thing was built to be headless and super-secure, which means it is almost bare inside. And this is not helpful when troubleshooting.

While watching a VMworld 2019 Session (links at the bottom) I’ve found out that there is actually a hidden tcpdump and ethtool installer, which was first made for our own support services, but is generally available for everyone now.

All you need to do is invoke /etc/vmware/gss-support/install.sh command from the UAG CLI. Of course, it is highly advisable to remove the tools once the troubleshooting is done via /etc/vmware/gss-support/uninstall.sh !

ADV1798BU – Unified Access Gateway Securing Virtual Desktop and App Access

In case you need a refreshed on TCPdump and ETHtool:

With TCPdump I usually prefer capturing everything into a PCAP file and then loading in WireShark for analysis. Now we only need NetCat to be able to stream it conveniently to a remote host.

That is it for today – enjoy, and let me know if it was helpful!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

<span>%d</span> bloggers like this: