FGT# exec ssh admin@xxx.xxx.xxx.xxx <----- xxx IP address of the FortiAP.Where...
FAP# diag_sniffer <intf> <filter>
FAP# diag_sniffer any tcpExample 2.
FAP# diag_sniffer any "tcp"
interfaces=[any]
filters=[tcp]
1.984333 xxx.xx.xxx.xxx.56677 -> xxx.xxx.xxx.xxx.443: psh 82231660 ack 3470549061
0x0000 0000 0000 0001 3c22 fb44 0a82 0800 4500 ......<".D....E.
0x0010 0073 0000 4000 4006 ef01 ac13 8071 11fa .s..@.@......q..
0x0020 0d05 dd65 01bb 04e6 c16c cedc 6045 5018 ...e.....l..`EP.
0x0030 1000 6dd8 0000 1703 0300 4600 0000 0000 ..m.......F.....
0x0040 0000 0f79 3e4b b071 1dcd b031 9baa f887 ...y>K.q...1....
0x0050 bc13 4154 e5e2 01d9 376b b50a 5a79 3aa6 ..AT....7k..Zy:.
0x0060 365a d265 60e3 e714 c5dc 9709 f0f2 1367 6Z.e`..........g
0x0070 8548 16ad 8d17 1584 f135 d3e9 47f3 c9ce .H.......5..G...
FAP# diag_sniffer any ‘port 5426 or 5247’Note.
Related Articles
Troubleshooting Tool: Using the FortiOS built-in packet sniffer
Technical Note: How to import 'diagnose sniffer packet' data to WireShark - Ethereal application
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.