...
| Info |
|---|
The tcpdump can be terminated with the key combination <STRG> + <C>. The parameter -w ensures that the tcpdump is saved as a file. The Wireshark trace can be filtered via the parameters host <IP address> and port <port number> to a specific IP address or a specific port. These parameters can also be combined with an and (host <IP address> and port <port number>). |
2) Transfering the Wireshark file:
To analyze the Wireshark trace it must first be downloaded from the Unified Firewall to a PC. This can be done via SCP.
2.1) Open the Windows command line and navigate to the folder where the Wireshark file is to be saved.
2.2) Enter the command for the file transfer in the following syntax and acknowledge the password prompt by entering the password for the user gpadmin:
scp gpadmin@<IP address of the Unified Firewall>:<File path of the Wireshark file> file on the Unified Firewall> <New file name>
In this example the command is as follows:
scp gpadmin@192.168.45.251:/tmp/trace.pcap trace.pcap
...