The process to take a TCP dump is the following:
- Start the TCP dump from the Admin Console of the IVE. This is done by navigating to Maintenance > Troubleshooting > Tools > TCP Dump
There are a few options to configure when starting the TCP dump:
- Interface - the physical interface on the PCS that the "Sniff" is taken from. By default this option is set to the Internal Port, which is the setting needed.
- VLAN Port - if the users are accessing the PCS via a VLAN, then the VLAN being used by the users needs to be selected.
- Promiscuous Mode - if this option is on, then every packet that is sent or received at the specified interface will be recorded. If this option is off, then only the packets that were destined for the IVE are recorded. By default this option is set to on.
- Filter - this option allows you to only capture traffic that is going to or coming from a specified IP address, port or protocol.
- Once the TCP dump is started, have a user log in to the PCS and reproduce the issue that is occurring.
- After the issue has been reproduced, stop the TCP dump from the Admin Console of the PCS. This is done by navigating to Maintenance > Troubleshooting > Tools > TCP Dump, then clicking on Stop Sniffing
Once the TCP dump is stopped, the file will appear under the Dump File section.
There are three file formats to "Get" the TCP Dump file in:
- Raw - the raw format needs to be viewed by a program that can view .dmp files such as Ethereal or Wireshark. This is the default selection and should be used to collect the TCP Dump.
- SSL Dump - this format shows the SSL handshake that takes place during the TCP Dump and displays it in the browser (this text can by copied and pasted into a text editor such as Notepad or Wordpad).
- Human Readable - this format presents the TCP Dump in a readable format and displays the text in the browser (this text can also be copied and pasted into a text editor).
- Once the format has been selected, click on the Get button. The browser will ask where to save the TCP Dump or save it to the default location specified for downloading files.