Use the topology table on the checkpoint to see what interface you need to monitor
netstat -nr | grep x.x.x.x can be useful too
tcpdump -i eth5 -s0 host 192.168.1.50 -w /var/tmp/packet-capture.pcap
Copy your .pcap file off with win scp and open in wireshark
or read on CLI
tcpdump -r /var/tmp/packet-capture.pcap
No comments:
Post a Comment