connect to the sensor of the FTD
use "system support diagnostic-cli" to go into ASA CLI
setup your capture as normal and capture your traffic.
Once complete "copy /pcap capture: disk0:"
now type exit twice to get out of ASA CLI
type "expert"
cd to "/mnt/disk0"
cp MYCAP.pcap /ngfw/var/common
On the FMC web interface
Devices -> hammer + wrech icon -> advanced
Go into advanced troubleshooting -> File download
Enter MYCAP.pcap and click download.
No comments:
Post a Comment