Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kf6rat
New Contributor

Created on ‎10-04-2023 08:44 AM Edited on ‎02-26-2024 06:50 AM By Community Manager

FortiGate Packet Capture on non embedded SSD (60F)

Is packet capture COMPLETELY unavailable on the fortigate unless you purchase the model that embeds an SSD?

Such as the 60F vs 61F.

This is a native feature available on practically all other firewalls and switches, whether or not they have dedicated storage. And when I refer to packet capture, it's where you choose the filter and logging parameters to log packets for troubleshooting etc. In my experience, it's usually a couple hundred rows that you really need, not GBs.

 

If not, can you add a USB stick to say the 60F and enable logging?

This would be in reference to the later firmware v7.

Labels:
2474
0 Kudos
1 Solution
hbac
Staff
Staff

Created on ‎10-05-2023 07:32 AM

Hi @kf6rat,

 

If you are referring to packet capture feature on the GUI > Network, it is available on all FortiGate models. The captured file will not be saved in the FortiGate storage. You need to download it right away. 

 

If you are referring to packet capture under firewall policies, FortiGate must have a disk and logging must be enabled in the firewall policy. There is no option to save packet captures to a USB stick. https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/680228/performing-a-sniffer-...

 

Regards, 

View solution in original post

2419
0 Kudos
5 REPLIES 5
abarushka
Staff
Staff

Created on ‎10-04-2023 09:03 AM

Hello,

 

You may consider to use CLI sniffer. It is possible to convert text sniffer (verbosity 6) to wireshark .pcap file. Please find the details by following the link below:

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-import-diagnose-sniffer-packet-data...

FortiGate
2464
0 Kudos
kf6rat
New Contributor
In response to abarushka

Created on ‎10-04-2023 10:34 AM

I appreciate the idea, however it's not addressing the primary question with regards to the packet capture feature functionality. Thank you

2453
0 Kudos
xshkurti
Staff
Staff

Created on ‎10-04-2023 11:15 AM Edited on ‎10-04-2023 11:27 AM

@kf6rat 
Packet Sniffer is available, despite of USB Stick or SSD. It is a build in functionality of FortiOS
On the other hand, GUI packet capture may not be available for some devices because of small amount of resources (RAM, CPU, disk)

From what we understand, you want to use Packet Capture GUI and do captures (which will save them in internal storage)
If that storage is shown in disk drive you can use it.
i.e you can go to log settings and check Local Log. If you find USB disk shown there, you may use your feature as you require.

2447
0 Kudos
hbac
Staff
Staff

Created on ‎10-05-2023 07:32 AM

Hi @kf6rat,

 

If you are referring to packet capture feature on the GUI > Network, it is available on all FortiGate models. The captured file will not be saved in the FortiGate storage. You need to download it right away. 

 

If you are referring to packet capture under firewall policies, FortiGate must have a disk and logging must be enabled in the firewall policy. There is no option to save packet captures to a USB stick. https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/680228/performing-a-sniffer-...

 

Regards, 

2420
0 Kudos
kf6rat
New Contributor
In response to hbac

Created on ‎10-13-2023 09:02 AM

Thank you @hbac. This is correct and I verified this on our ordered unit (60F). Thank you!Screenshot 2023-10-13 090140.png

2282
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.