Which configuration would you use to enable this capture?

HostA (1.1.1.1) is sending TCP traffic to HostB (2.2.2.2). You need to capture the TCP packets locally on the
SRX240. Which configuration would you use to enable this capture?

HostA (1.1.1.1) is sending TCP traffic to HostB (2.2.2.2). You need to capture the TCP packets locally on the
SRX240. Which configuration would you use to enable this capture?

A.
[edit security flow]
user@srx# show
traceoptions {
file dump;
flag basic-datapath;
}

B.
[edit security]
user@srx# show
application-tracking {
enable;
}
flow {
traceoptions {
file dump;
flag basic-datapath;
}
}

C.
[edit firewall filter capture term one]
user@srx# show
from {source-address {
1.1.1.1;
}
destination-address {
2.2.2.2;
}
protocol tcp;
}
then {
port-mirror;
accept;
}

D.
[edit firewall filter capture term one]
user@srx# show
from {
source-address {
1.1.1.1;
}
destination-address {
2.2.2.2;
}
protocol tcp;
}
then {
sample;
accept;
}

Explanation:
http://khurramkhalid.wordpress.com/2012/05/22/packet-capture-on-srx-devices/



Leave a Reply 0

Your email address will not be published. Required fields are marked *