FortiMail
tamtran
Staff
Article Id 198456
Description
This article explains how to capture traffic on FortiMail using the sniffer command in the CLI or Traffic Capture in the GUI.

Solution
1) Capture the traffic via CLI mode:
- Log the SSH session and its output.
- Enable session logging in the other SSH clients (PuTTY, SecureCRT, Tera Term, MobaXterm…)
- Refer to the article listed under 'Related Articles' to save the logs via PuTTY.
# diagnose sniffer packet any 'host 211.24.155.99 and port 25' 6 0 a         <----- Capture on any interface
# diagnose sniffer packet port1 'host 211.24.155.99 and port 25' 6 0 a       <----- Capture on interface port1
Note: This output is required for troubleshooting; it is sent to the TAC team, who convert it to pcap format.
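The conversion mentioned in the note above, sketched as an added example (not Fortinet's or TAC's tooling, and not part of the original article): it turns a logged sniffer session into a pcap file. The output layout it parses, the UTC timestamps, and frames that start with an Ethernet header (as on a named interface such as port1) are assumptions, and the sample log is constructed.

```python
import re
import struct
from datetime import datetime, timezone

# ASSUMED layout of the logged verbosity-6 output (the article does not show it):
# a header line starting with an absolute timestamp, then offset-prefixed hex rows
# followed by an ASCII column after a tab. Timestamps are treated as UTC (assumption).
HEADER = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\.(\d{6}) ")
HEXROW = re.compile(r"^0x[0-9a-f]{4}\s+((?:(?:[0-9a-f]{4}|[0-9a-f]{2}) ?)+)", re.I)

# Constructed sample session log (not real traffic; checksums are zeroed).
SAMPLE_LOG = (
    "# diagnose sniffer packet port1 'host 211.24.155.99 and port 25' 6 0 a\n"
    "2024-01-01 10:00:00.250000 port1 in 211.24.155.99.40000 -> 10.0.0.5.25: syn 1\n"
    "0x0000   0009 0f09 0001 0050 56a1 b2c3 0800 4500\t.......PV.....E.\n"
    "0x0010   0028 0001 4000 4006 0000 d318 9b63 0a00\t.(..@.@......c..\n"
    "0x0020   0005 9c40 0019 0000 0001 0000 0000 5002\t...@..........P.\n"
    "0x0030   7210 0000 0000\tr.....\n"
)

def parse_packets(text):
    """Return [(sec, usec, frame_bytes)] for every packet block in the session log."""
    packets, current = [], None
    for line in text.splitlines():
        line = line.strip()
        if (m := HEADER.match(line)):
            ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
            sec = int(ts.replace(tzinfo=timezone.utc).timestamp())
            current = [sec, int(m.group(2)), bytearray()]
            packets.append(current)
        elif current is not None and (m := HEXROW.match(line)):
            # Only the hex column is captured; the ASCII column is ignored.
            current[2] += bytes.fromhex(m.group(1).replace(" ", ""))
    # Prompts, command echoes and headers without hex rows are dropped.
    return [(s, u, bytes(b)) for s, u, b in packets if b]

def to_pcap(packets):
    """Serialize frames as a classic little-endian pcap (LINKTYPE_ETHERNET = 1)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for sec, usec, frame in packets:
        out += struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    with open("capture.pcap", "wb") as fh:  # output file name is a placeholder
        fh.write(to_pcap(parse_packets(SAMPLE_LOG)))
```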

2) Capture the traffic from the GUI: Go to System -> Network -> Traffic Capture
- Set the interface to capture on.
- Set the IP address of the SMTP host to capture.
- Set the protocol and port number to filter on.
- The capture starts running automatically after clicking Create.

Note: Stop the capture after getting the logs to preserve FortiMail performance. Export to pcap format to investigate.




Related Articles

Technical Note: How to create a log file of a session using PuTTY
