Step 2 - Configure receive stage RECEIVE STAGE Step 3 - Initiate some traffic and download the capture file CLIENT> ping 172.16.1.10Ĩ4 bytes from 172.16.1.10 icmp_seq=2 ttl=63 time=4.393 msĨ4 bytes from 172.16.1.10 icmp_seq=3 ttl=63 time=1.809 msĨ4 bytes from 172.16.1.10 icmp_seq=4 ttl=63 time=1.618 msĨ4 bytes from 172.16.1.10 icmp_seq=5 ttl=63 time=1.184 ms DOWNLOAD CAPTURE FILE WIRESHARKĪs you can see above, both echo request and echo reply are captured on the receive stage.Įxample 2 - Packet Capture with NAT Diagram NAT DIAGRAM You will then need to merge both capture files to have the full picture. If you only configure filter Id-1 then the receive stage will capture packet #1 and the transmit stage will capture packet#4. receive stage - packets 1 & 2 (shown on the example below).For this example, one stage (receive) is more than enough. The filter shown below captures both echo request and echo reply on both receive and transmit stage. Packets 3 & 4 are egressing the firewall. Packets 1 & 2 are ingressing the firewall.You can configure packet capture by going to Monitor > Packet Capture RECEIVE AND TRANSMIT STAGES Initiate a ping from CLIENT to the SERVER and capture both ICMP echo request and ICMP echo reply. transmit - captures packets as they egress out of the firewall engine (post-NAT).receive - captures the packets as they ingress the firewall interface before they go into the firewall engine (pre-NAT).firewall - captures packets in the firewall stage.Example, security polciy denying the traffic Packet captures are session/flow based, so having a single filter is enough for capturing both inbound and outbound traffic.Four packet capture filters can be added with a variety of attributes.Packet capture is very useful when you troubleshoot network connectivity issues or monitor suspicious activity.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |