Packet monitor utility is configured and active but there are no packets captured
10/14/2021 46 People found this article helpful 401,933 Views
Description
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
When doing packet capture for troubleshooting network related issues, sometimes we may not be able to see packets captured on SonicWall even if the packet monitor utility is configured properly. This article shows the possible reason for the problem & provides a way to overcome it.
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
When doing packet capture for troubleshooting network related issues, sometimes we may not be able to see packets captured on SonicWall even if the packet monitor utility is configured properly. This article shows the possible reason for the problem & provides a way to overcome it.
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
- Login to the SonicWall GUI.
- Navigate to MONITOR | Tools & Monitors | Packet Monitor page in the GUI. Under Captured Packets tab, you can see capture is active along with packets captured ("zero" in this case).
- Under General tab, go to Monitor Filter.
- Make sure "Enable filter based on the firewall/app rule" is disabled.
- Make sure "Enable Bidirectional Address and Port Matching" option is enabled.
- Display Filer and Advanced Monitor Filter tabs should be configured as shown below.
- Click Save.
Attempt to send appropriate traffic and the respective packets will be captured by SonicWall as per the packet monitor configuration & you can see it in the MONITOR | Tools & Monitors | Packet Monitor | Captured Packets tab.
Resolution for SonicOS 6.2 and Below
The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.
- Login to the SonicWall GUI.
- Navigate to System | Packet Monitor page in the GUI. You can see Trace active along with Buffer Size and Packets captured ("zero" in this case). In the same page, you could see a note stating "Capture filter based on firewall/app rule".
- Click on Configure option in the packet monitor page.
- Navigate to Monitor Filter tab and disable the check box "Enable filter based on the firewall/app rule".
- Also ensure that, you have configured the Display Filter tab and Advanced Monitor Filter tab as shown in the below screen shots.
- Click on OK.
Attempt to send appropriate traffic and the respective packets will be captured by SonicWall as per the packet monitor configuration & you can see it in the System | Packet Monitor page.
Related Articles
Categories
Was This Article Helpful?
YESNO