Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor II

Packet Sniffing Within VPN Tunnel

Is it possible to packet sniff within an SSL VPN tunnel?


We have creatred an SSL VPN for staff to connect back into the estate, which works fine, but some rules are not working as expected and some traffic is being blocked.  


With non-VPN traffic, I can use the packet sniffer to look at source/destination on an interface and it will helpo me identify the issue, but I'm not sure if I can do this within a tunnel, and if so how I do that.


Thank you


I just tried to sniff my ping while connected to it over the SSL VPN. Still seems to work.

fg50e-xxx (root) # diag sniffer packet ssl.root interfaces=[ssl.root] filters=[none] pcap_lookupnet: ssl.root: no IPv4 address assigned 0.782774 -> ack 2261686999 1.002423 -> icmp: echo request 1.003343 -> icmp: echo reply 1.593928 -> psh 2261686999 ack 3078983690 1.593985 -> psh 2261687127 ack 3078983690 1.606404 -> ack 2261687303 2.008738 -> icmp: echo request 2.009654 -> icmp: echo reply 2.613847 -> psh 2261687303 ack 3078983690 2.613902 -> psh 2261687527 ack 3078983690 2.626926 -> ack 2261687767 3.004352 -> icmp: echo request 3.005236 -> icmp: echo reply


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors