This is a migrated thread and some comments may be shown as answers.

Cannot capture packets from an external device connected in PC Fiddler proxy (Windows 10)

4 Answers 291 Views
Windows
This is a migrated thread and some comments may be shown as answers.
Vina
Top achievements
Rank 1
Vina asked on 14 Feb 2020, 02:53 AM

PC is connected in a company proxy.

Fiddler is already set to act as proxy and allow remote computers to connect.

---

Here are the current fiddler settings:

* Capture HTTPS CONNECTS (checked)

* Decrypt HTTPS traffic (checked)

* Fiddler listens on port: 8888

* Capture FTP requests (checked)

* Allow remote computers to connect (checked)

* Reuse client connections (checked)

* Reuse server connections (checked)

* Act as system proxy on startup (checked)

* Monitor all connections (checked)

* Use System Proxy (recommended) is selected

---

Proxy of external device is set to the following:

Proxy Server Address: <IP address of PC with Fiddler>

Port Number: 8888

---

 

Notes:

1. I was able to capture packets when PC OS was not Windows 10.

However, no packets were captured from the connected device when OS was changed to Windows 10.

2. External device and PC is under same network.

3. I have already read existing forums and fix does not apply on this issue.

 

---

How do I configure Fiddler to capture packets from external device?

4 Answers, 1 is accepted

Sort by
0
Eric R | Senior Technical Support Engineer
Telerik team
answered on 18 Feb 2020, 05:56 PM

Hi Vina,

Everything appears to be configured correctly in comparison to the Capture traffic from another machine documentation. Additionally, I was able to test this with a local virtual machine and everything worked well. However, in order to troubleshoot this more can you provide the following information?

1. Are you able to ping between the remote machines?

2. What tests are your running to verify the traffic isn't being captured?

3. If HTTPS is decrypted on the Fiddler Host, does the Remote Machine trust the same Fiddler root certificate as the host?

4. When Remote Connections are enabled did you restart and receive a pop-up to add a firewall rule?

5. Which PC is connected behind a company proxy, the Fiddler Host or the remote machine?

6. What kind of company proxy is the PC behind? Is it an automatic proxy or group policy configured proxy?

Once I have the above information, I will be able to help troubleshoot this more accurately.

In the meantime, please let me know if you have any additional questions. Thank you and I look forward to your reply.

Regards,


Eric R | Senior Technical Support Engineer
Progress Telerik

Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
0
Vina
Top achievements
Rank 1
answered on 19 Feb 2020, 08:06 AM
> 1. Are you able to ping between the remote machines?
Yes.

> 2. What tests are your running to verify the traffic isn't being captured?
I am accessing a webpage (e.g. Google sign-in page).
It should be able to capture traffic from the request for displaying login page.

> 3. If HTTPS is decrypted on the Fiddler Host, does the Remote Machine trust the same Fiddler root certificate as the host?
There is no option to execute this settings in the remote machine.
However, I am using same remote machine that was able to capture Fiddler packet logs when PC was not on Windows 10.

> 4. When Remote Connections are enabled did you restart and receive a pop-up to add a firewall rule?
Yes.
However, I did not add any firewall rule to the Windows Firewall as I do not have permission to do so.
Should a rule be added to firewall? If yes, what rule is it?

> 5. Which PC is connected behind a company proxy, the Fiddler Host or the remote machine?
Both are connected in company proxy.
However, when trying Fiddler, PC IP address and Fiddler port was used by the remote machine.

> 6. What kind of company proxy is the PC behind? Is it an automatic proxy or group policy configured proxy?
group policy configured proxy
0
Eric R | Senior Technical Support Engineer
Telerik team
answered on 19 Feb 2020, 04:24 PM

Hi Vina,

Thank you for the additional information. This is helpful and I can see that there could be a couple of reasons which I will review below.

For number 3. In order to decrypt HTTPS traffic on the remote machine, the remote machine would need to trust the same certificate as the Fiddler host machine. Try exporting the certificate and then installing it on the remote computer as shown in the below screenshot. Note that not all HTTPS sessions can be decrypted because of certificate pinning. The traffic that is pinned to a specific certificate will appear as a tunnel.

For number 5 & 6. This might be an issue because the group policy may are blocking something. I recommend reaching out to the IT Department and clarifying with them how to configure the setup within their network configuration or even asking if it is possible.

Lastly, Windows 10 had many changes from versions 7 and 8. If something works on an earlier version then there may have been something added to 10 that will cause this to no longer work. This also may be resolved by consulting the IT Department and asking for clarification.

Please let me know if you need any additional information. Thank you.

Regards,


Eric R | Senior Technical Support Engineer
Progress Telerik

Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
0
Vina
Top achievements
Rank 1
answered on 20 Feb 2020, 02:46 AM
Thank you very much for the reply.
Will check with IT department.
Tags
Windows
Asked by
Vina
Top achievements
Rank 1
Answers by
Eric R | Senior Technical Support Engineer
Telerik team
Vina
Top achievements
Rank 1
Share this question
or