Description
This article explains how to capture the traffic on FortiMail by using sniffer command on CLI or Traffic Capture on GUI.
Solution
1) Capture the traffic via CLI mode:
- Log the SSH session and output.
- Enable the logs for the other SSH clients (Putty, Secure CRT, Tera Term, MobaXterm…)
- Refer to the article in the field 'Related articles' to save the logs via Putty
2) Capture the traffic from GUI: Go to System -> Network -> Traffic Capture
- Set Interface to capture
- Set IP address of SMTP host needs to capture
- Set Protocol and port number to filter
- It will be running automatically after click Create
This article explains how to capture the traffic on FortiMail by using sniffer command on CLI or Traffic Capture on GUI.
Solution
1) Capture the traffic via CLI mode:
- Log the SSH session and output.
- Enable the logs for the other SSH clients (Putty, Secure CRT, Tera Term, MobaXterm…)
- Refer to the article in the field 'Related articles' to save the logs via Putty
# diagnose sniffer packet any ‘host 211.24.155.99 and port 25' 6 0 a <----- Capture on any interfaceNote : This is required for troubleshooting to send to TAC team to convert to pcap format
# diagnose sniffer packet port1 ‘host 211.24.155.99 and port 25' 6 0 a <----- Capture on interface port1
2) Capture the traffic from GUI: Go to System -> Network -> Traffic Capture
- Set Interface to capture
- Set IP address of SMTP host needs to capture
- Set Protocol and port number to filter
- It will be running automatically after click Create
Note: Stop to run capture after getting the logs to utilize FortiMail performance. Export to pcap format to investigate
Related Articles
Technical Note: How to create a log file of a session using PuTTY
