Capture network traffic on an Airwall Gateway
As part of the troubleshooting process, it is sometimes necessary to capture network traffic. The Airwall Gateway can capture traffic on the local interfaces as well as on the HIP tunnel from the Airwall Gateway to other Airwall Gateways.
All of these steps are done from a Conductor and
require administrator permissions.
- Navigate to the Airwall Gateway you wish to capture from
- Select Diagnostics
- In Data capture, select Start Packet Capture
- Select the appropriate interface, if needed
Interface Role Usage HIP tunnel HIP Traffic Use the HIP tunnel for protected traffic. Internal Internal Traffic This captures the traffic that occurs within the local network. Port 0 Underlay This is the Port 2 (underlay) for traffic to/from the local network of the Airwall Gateway. Port 1 Overlay Use the Port 1 (overlay), for traffic to/from the protected device. - Set any other options needed for the capture
- Click Ok to start the capture
CAUTION: The maximum file size is one quarter (1/4) of the available free space,
so it is recommended that you set limits on the capture. In some models, such as the Airwall Gateway/HIPswitch
100, this can take up enough space to cause issues with upgrades.