Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
AFAIK decrypting encrypted traffic is not feasable with onboard tools in FortiOS. But you can sniff the traffic before it enters the tunnel, or after it leaves it.
That's the whole point in IPsec - confidentiality!
I think you can use the cli with the following command:
diag sniffer packet <interface_name> "any kind of filter (per example: host 192.168.1.1 and icmp)"
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.