Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

traffic Interception issues for vpn based applications

POTHNAK, | Last updated: Jun 26, 2019 10:11AM UTC

I have a licensed burp installed on my system. I am currently testing an IOS mobile app, the IOS mobile app works only when the vpn to my company network is established. My laptop is also on vpn connection. I have configured the WIFI settings Proxy(192.168.0.103:8080) to my burp in iOS mobile device settings and also configured the same(192.168.0.103:8080) in burp. I see the alert that proxy is started on 192.168.0.103:8080 but I don’t see any traffic flowing into burp while I use the mobile app and it is working fine without any traffic blockage.

PortSwigger Agent | Last updated: Jun 26, 2019 10:24AM UTC

Ok, it sounds like you're getting close. Can you please confirm that if you disable the VPN on the mobile device, are you able to access websites like https://example.com on the mobile device. Is the traffic appearing in Burp? I believe with VPN enabled on your device all traffic is sent through the VPN and Bup is not seeing it. I suggest you disable VPN on your device, you should see the traffic in Burp, and because your laptop is on the VPN, you should see the application traffic communicating with its back-end server correctly. This situation can be quite tricky to set up and Burp does not provide a point-and-click solution, so be prepared to do a considerable amount of fiddling to get this working. Please let us know if you need any further assistance.

Santhanakrishnan | Last updated: Feb 19, 2020 04:36PM UTC

Hi, I'm facing the same issue. Once I connect to VPN I'm not able to see the traffic and if I disconnect the VPN I'm able to capture all the traffic through burp. Also if I send the OpenVPN with proxy as my Lap proxy I'm getting the error "failed to connect to the server". Please help.

Michelle, PortSwigger Agent | Last updated: Feb 20, 2020 10:02AM UTC

Do you know if this is a full tunnel or split-tunnel VPN? From your description, it sounds likely that the VPN is routing all traffic through the VPN connection, so the requests that your browser is sending to the local proxy are actually being sent over the VPN. It would be worth checking the VPN documentation to see if it is possible to exempt local traffic from the VPN so that the requests go through Burp before being sent over the VPN. If that's not possible, have you tried creating a proxy chain with Burp and your VPN?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.