Created on 11-24-2010 08:08 AM
diag sniffer packet MyTunnelName ' ' 4to see traffic from the remote end. If you ping from the remote end, you could use
diag sniffer packet MyTunnelName ' icmp' 4and
diag sniffer packet wan1 ' udp port 50' 4will show you traffic arriving at the external interface. ...get the idea? MyTunnelName is the name of the VPN interface/phase1.
Created on 11-25-2010 06:31 AM
FGT80CXXXX # diagnose sniffer packet ' tunnel' 4 interfaces=[XXXXX] filters=[4] pcap_lookupnet: XXXXX: no IPv4 address assigned pcap_compile: parse errorI can confirm that there seems to be no IP assigned when I look in System => Network GUI section. But the IPSEC guide from Fortinet explained that I generally don´t have to assign an address in this section... Thanks again!
FGT80CXXXX # diagnose sniffer packet ' tunnel' 4should read
FGT80CXXXX # diagnose sniffer packet tunnel ' service' 4with <tunnel> being the tunnel name (phase 1 name) and <service> the protocol you would like to sniff. Use empty ticks ' ' for all traffic, ' icmp' for pings, ' tcp port 80' for HTTP, and so on.
Created on 11-25-2010 08:02 AM
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1736 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.