Академический Документы
Профессиональный Документы
Культура Документы
FORTIGATESNIFFINGCOMMANDS|maxnetwork
h Crea sito
Home
WRITE4US
Glossary
Contact
Menu
maxnetwork.org
Networking,securityandtroubleshooting!
PLUS 100 BONUS SPINS
ON 1st DEPOSIT
SPIN TODAY!
www.mrgreen.com
Ciscoconfigurations
Fortinet
GNS3
Laboratories
Linux
News
Randomnotes
Troubleshooting
Navigation
12345678
giugno20,2013Fortigate,Fortinet,Packetcapture
FORTIGATESNIFFINGCOMMANDS
GETVPNCOOPCONFIGURATION
GETVPNcanbeconfiguredwithmultipleKeyServer,calledCooperativeServer,basically
providinghighavailabilitybetweengroupservers.HerewillbecoveredtheCOOPmode
configuration.More
HereyoucanfindinstructiontocapturepacketsandverifytrafficonaFortigatefirewallplatform.
Pleasefindmoreonmaxnetwork.orgtroubleshootingserieswhichprovideastraightforwardguidelinestohelpyouverifyandtroubleshootcommonand
advancednetworkingproblem.
DIAGNOSESNIFFERCOMMANDS:
UsediagnosesnifferpacketcommandstocapturepacketstraversingtheFortigatefirewall.
diagnosesnifferpacket<interface><filterargument><debuglevel><packetcount>
Interface:specifyingressoregressflowinterfaceorjustanyport
usefiltertospecifysourceanddestinationip/port
usepacketcounttospecifyhowmanypacketstocapture
debuglevelis1to6(6moredetailed)
Examples:
1. capturealltrafficfromhost192.168.1.10
diagnosesnifferpacketany"host192.168.1.10"2
1. captureallUDPport53fromandtohost192.168.1.10
diagnosesnifferpacketport2"udpandport53host192.168.1.10"5
1. captureallSSHtrafficfromandtohost192.168.1.10/15
diagnosesnifferpacketanyhost192.168.1.10orhost192.168.1.15andtcpport22
1. captureallhttptrafficfromhost192.168.1.10towards192.168.2.10
diagnosesnifferpacketinternalsrchost192.168.1.10anddsthost192.168.2.10and
DIAGNOSESYSTEMSESSIONCOMMANDS:
Usediagnosesystemsessioncommandstoshowallsessionsandtranslationsonthefortigateplatform.
diagnosesystemsessionfilter<filterargument>:filtersessionbasedondestination
diagnosesystemsessionlist:showsessions
diagnosesystemsessionclear:clearfilter
http://maxnetwork.altervista.org/fortigatesniffingcommands/
1/3
04/07/2015
FORTIGATESNIFFINGCOMMANDS|maxnetwork
DIAGNOSEDEBUGFLOWCOMMANDS:
Usediagnosedebugflowcommandstoverifyhowtrafficisbeingacceptedordeniedbyasecuritypolicy:
diagnosedebugenable
diagnosedebugflowshowconsoleenable
diagnosedebugflowfilterhostx.x.x.x
diagnosedebugflowshowfunctionnameenable
diagnosedebugflowtracestartN:(whereNisthenumberofflowtoshow)
Outputexample:
id=36871trace_id=1132msg="vdrootreceivedapacket(proto=17,10.10.20.30:1029192.168.110.11:161)frominternal."
id=36871trace_id=1132msg="allocateanewsession00012042"
id=36871trace_id=1132msg="findaroute:gw172.20.120.2viawan1"
id=36871trace_id=1132msg="findSNAT:IP172.20.120.230,port54409"
id=36871trace_id=1132msg="AllowedbyPolicy5:SNAT"
id=36871trace_id=1132msg="SNAT10.10.20.30>172.20.120.230:54409"
Share:
Like
Share
Tweet
FORTIGATE,Sniffing,Troubleshooting
SPONSORS
Errore014,l'accountnonassociatoaGoogle
AdSense
Engineerstoolkit
YourIP:80.193.149.71
Country:United
Kingdom
Region:Edinburgh
City:Edinburgh
Language:enGB
Browser:Chrome
System:Windows7
Comments
RecentPosts
Search
maxnetwork.org
Like
61peoplelikemaxnetwork.org.
Facebooksocialplugin
http://maxnetwork.altervista.org/fortigatesniffingcommands/
2/3
04/07/2015
FORTIGATESNIFFINGCOMMANDS|maxnetwork
Errore014,l'accountnon
associatoaGoogle
AdSense
Blogroll
CiscoOfficialWebSite
GNS3DownloadLink
TinyCorelinuxDownloadlink
Archives
luglio2013(2)
giugno2013(7)
maggio2013(7)
aprile2013(5)
marzo2013(1)
gennaio2013(1)
novembre2012(1)
ottobre2012(1)
giugno2012(1)
Tag
CiscoconfigurationsDMVPNEIGRPFortianalyzerFORTIGATEGETVPNHighAvailabilityHSRPINTERNETWORLDMAPL2VPNLighttpd
ActiveDirectoryBack|track
Troubleshooting
VPN
LinuxMicrosoftNETFLOWNEXUSOSPFOTVSMTPSniffingSNMP
VMWARE
Search
Tag
CiscoconfigurationsDMVPNEIGRPFortianalyzerFORTIGATEGETVPNHighAvailabilityHSRPINTERNETWORLDMAPL2VPNLighttpd
ActiveDirectoryBack|track
Troubleshooting
LinuxMicrosoftNETFLOWNEXUSOSPFOTVSMTPSniffingSNMP
VPN
VMWARE
SOCIALNETWORKS
2015maxnetwork
PoweredbyWordPress|Designedby:ParkingforBristolairport|ThankstotraveltoBath,HomebroadbanddealsandBroadbandavailability
HostedbyAlterVista
http://maxnetwork.altervista.org/fortigatesniffingcommands/
3/3