What happened to my packet capture in 7.2?

hexank · ‎10-15-2024

This afternoon I upgraded from 7.0.15 to 7.2.10 and to my surprise the packet capture GUI changed to complete garbage. Not only that, I have lost the ability to capture multiple interfaces like before.

Is there any way to get the ability to capture multiple interfaces into their own pcaps like before?

Maybe it is hidden in the cli somehow?

10.0.0.0.1 192.168.1.254

rahul_p1 · ‎10-15-2024

Hi,

Please refer to this article for packet capture using GUI:- https://docs.fortinet.com/index.php/document/fortigate/7.2.0/administration-guide/462154

you can also capture packets via CLI:- https://docs.fortinet.com/document/fortiweb/7.6.0/troubleshooting-guide/715676/packet-capture-via-c...

sprashant · ‎10-18-2024

@hexank

Yes there has been changes in the layout, but you can still run the parallel packet captures on the GUI.

You just will have to go to Diagnostics under Network, and start on new capture, close it, and then start it again on different interface.

packet Capture.PNG

Sprashant

Toshi_Esumi · ‎10-18-2024

This change was necessary/desirable to avoid lots of "duplicate message" (in red or black) in Wireshark view.

In other words, use "diag sniffer packet any .... 4 0 l" in CLI if you need to see how one packet comes in/through/out the chain of interfaces.

Toshi

What happened to my packet capture in 7.2?

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website