Monday, June 11, 2012

Packet Sniffer on Fortigate Firewall

There was always been an embedded packet capture in Fortigate CLI which can be accessed using below command:


diagnose packet sniffer [filters] [level]
e.g
diagnose packet sniffer wan1 'icmp and host 10.10.10.1' 4


Now in FortiOS 4.0 MR3, Fortinet has incorporated packet sniffer on GUI which can be accessed to set up a capture and download the PCAP file as well for further analysis.




you may see the faded options available with it and below is the capture settings;




It can be used for real time troubleshooting and works like a charm..!!

No comments:

Post a Comment