An administrator wants to capture ESP traffic between two FortiGate devices using the built-in sniffer. If the administrator knows that there is no NAT device located between both FortiGate devices, which command should the administrator execute?
A.
diagnose sniffer packet any 'esp'
B.
diagnose sniffer packet any 'udp port 4500'
C.
diagnose sniffer packet any 'udp port 500'
D.
diagnose sniffer packet any 'tcp port 500 or tcp port 4500'
The correct answer is A. (Please refer to the NSE 7 Study Guide on page 439)
Capture IKE Traffic without NAT:
diagnose sniffer packet 'host and udp port 500'
—————————————————————————————————————-
Capture ESP Traffic without NAT:
diagnose sniffer packet any 'host and esp'