Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
btey
Staff
Staff

Created on ‎07-09-2023 10:09 PM Edited on ‎03-14-2024 11:55 AM By Moderator

Article Id 263132

Technical Tip: How to remove system interface reference (firewall sniffer) post firmware upgrade

Description This article describes how to remove the usage of a firewall sniffer for the system interface post-firmware upgrade to version 7.2/7.4.
Scope FortiGate v7.2, 7.4.
Solution

Before version 7.2, the packet capture GUI interface was as below:

 

Capture.PNG

Post firmware upgrade to version 7.2, the system interface will show the usage of the firewall sniffer and unable to delete from GUI:

 

port5_reference.PNG

Note:
To check the reference of the interface using CLI, execute the following command 'diagnose sys cmdb refcnt show system.interface.name wan1'.

Packet capture GUI interface post version 7.2:

 

7.2_packet capture.PNG

To remove the sniffer reference via CLI:

 

remove_sniffer_reference.PNG

 

If the above commands failed, the VDOM is most likely configured on the FortiGate:

 

end

config vdom

edit ?  <- Display VDOM name.

edit <vdom name>  <- Case sensitive.

config firewall sniffer

show

delete <entry name>

end

end

 

no reference.PNG

 

Related document:

Embed real-time packet capture and analysis tool on Diagnostics page.
763
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.