FG200A I Don't see traffic flowing when doing a diag sniffer packet on interface wan1

Forum|Forum|8 years ago
June 20, 2017
1 reply
7745 views

Hi there,

When i execute a "diag sniffer packet wan1" I don't see any traffic.

wan1 is in a separate Vdom.

Communication is working and the firewall rule has log option activated.

The FW is an oldie FG200A. What's wrong here?

Best r,

E

emnoc

New Member

The cli command diag debug flow with the filters applied would be your starting point. Maybe the traffic is drop before hitting wan1 ( uRPF, deny-action,etc...)

heskezAuthor

New Member

Thanks, Executed without filters I do see some "general traffic" something what I wouldn't expect within this Vdom. But I don't see the traffic I'd like to see.

emnoc

New Member

Than your host is not hitting the firewall. You can bypass the firewall if your traffic is allowed or deny would result in a match in trace.

I would do it again & with filters for either src dst address or port and re-evaluate.

Ken

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded