Hi!My schemeHP 2530-24G switch with configured mirror port. Fortigate
100D connected to this port.On the Fortigate I configured lan port as
One-Arm Sniffer and check Include Non-IP Packetsand Log Allowed Traffic
All Sessionsno Secuity profiles enable...
darwin wrote:In one-arm sniffer mode, the traffic log is generated by
ipsengine daemon (which is a wrapper for libips.so). So have to enable
flow-based utm that will startup the process ipsengine. One-arm sniffer
mode is mainly for ips originally but...
