FortiGate
jintrah_FTNT
Staff
Article Id 193036
Description
This article describes how to sniff traffic from a dedicated HA management interface.

Solution
The reserved HA management interfaces do not belong to any VDOM. Traffic to or from these interfaces can be sniffed with a global/super administrator account from any VDOM, but not by a VDOM administrator.

Example: port2 has been reserved as the HA management interface, which makes it act as a standalone interface outside any VDOM.


Sample HA config:
#config system ha
    set group-id 30
    set group-name "test123"
    set mode a-p
    set hbdev "port33" 100 "port11" 50
    set ha-mgmt-status enable
    config ha-mgmt-interfaces
        edit 1
            set interface "port2"
            set gateway 10.5.63.254
        next
    end
    set override disable
    set monitor "port5" "port6"
end
VDOM mapping of interfaces:

Sniffer run from vdom1:
FG1K5D-9 (vdom1) # diag sniff packet any 'host 10.5.51.190 and icmp' 4
interfaces=[any]
filters=[host 10.5.51.190 and icmp]
15.917954 port2 in 10.5.63.254 -> 10.5.51.190: icmp: echo request
15.917975 port2 out 10.5.51.190 -> 10.5.63.254: icmp: echo reply
16.930631 port2 in 10.5.63.254 -> 10.5.51.190: icmp: echo request
16.930645 port2 out 10.5.51.190 -> 10.5.63.254: icmp: echo reply
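As an added example (not part of the article), a small Python helper that reads the 'config ha-mgmt-interfaces' block and the verbosity-4 sniffer output above, then counts which captured packets crossed a reserved HA management interface; the config and sniffer text are embedded as constructed sample input.

```python
import re
from collections import Counter

# Constructed sample input, copied from the article's HA config and sniffer output.
HA_CONFIG = """\
config system ha
    config ha-mgmt-interfaces
        edit 1
            set interface "port2"
            set gateway 10.5.63.254
        next
    end
end
"""
SNIFFER_OUTPUT = """\
interfaces=[any]
filters=[host 10.5.51.190 and icmp]
15.917954 port2 in 10.5.63.254 -> 10.5.51.190: icmp: echo request
15.917975 port2 out 10.5.51.190 -> 10.5.63.254: icmp: echo reply
16.930631 port2 in 10.5.63.254 -> 10.5.51.190: icmp: echo request
16.930645 port2 out 10.5.51.190 -> 10.5.63.254: icmp: echo reply
"""

# One packet line at verbosity 4: "<ts> <iface> <in|out> <src>[.<port>] -> <dst>[.<port>]: <info>"
IPV4 = r"\d+\.\d+\.\d+\.\d+"
PKT_RE = re.compile(
    rf"^(?P<ts>\d+\.\d+)\s+(?P<iface>\S+)\s+(?P<dir>in|out)\s+"
    rf"(?P<src>{IPV4})(?:\.(?P<sport>\d+))?\s+->\s+"
    rf"(?P<dst>{IPV4})(?:\.(?P<dport>\d+))?:\s+(?P<info>.*)$"
)

def ha_mgmt_interfaces(config_text):
    """Interface names declared under 'config ha-mgmt-interfaces' (reserved, non-VDOM)."""
    block = re.search(r"config ha-mgmt-interfaces(.*?)\n\s*end", config_text, re.S)
    return re.findall(r'set interface "([^"]+)"', block.group(1)) if block else []

def parse_sniffer(output):
    """Packet lines as dicts; the interfaces=/filters= header lines do not match and are skipped."""
    return [m.groupdict() for m in map(PKT_RE.match, output.splitlines()) if m]

def packets_per_ha_mgmt(config_text, output):
    """Count captured packets per (reserved HA mgmt interface, direction)."""
    reserved = set(ha_mgmt_interfaces(config_text))
    pkts = parse_sniffer(output)
    return dict(Counter((p["iface"], p["dir"]) for p in pkts if p["iface"] in reserved))

if __name__ == "__main__":
    print(packets_per_ha_mgmt(HA_CONFIG, SNIFFER_OUTPUT))  # {('port2', 'in'): 2, ('port2', 'out'): 2}
```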