How to Capture All Traffic on SonicWALLby Andy Walton
The SonicWALL Packet Monitor feature allows you to capture and examine network traffic as it crosses your firewall. When activated, Packet Monitor logs the details of packets as they pass through the device, recording data such as the packet's origin, destination and port number. This in turn can help you to gain information about the conditions on your network and identify potential threats. Packet Monitor uses filters to define which types of packet should be captured. However, you can bypass these filters and capture all packets using the “Monitor All” menu option.
Open a browser window and type your SonicWALL device's menu IP address into the address bar. Open the menu and enter your username and password when prompted, then click “OK” to sign into the device.
Click “Dashboard” and then select the “Packet Monitor” menu option to open the Packet monitor configuration screen.
Click on the “Monitor All” button and then click “OK” on the resulting pop-up box. This removes any pre-configured capture filter settings and configures Packet Monitor to capture all packets.
Click on the “Start Capture” button to begin capturing traffic.
- Scroll down to the Captured Packets window to view the captured packets. You can get more information on an individual packet by double-clicking on it, although the information displayed in the Captured Packets window varies depending on the type of packet captured.
- Capturing all packets could slow your connection down, especially on congested networks. To set filters that limit the types of packet captured by Packet Monitor, click on “Configure” from the Packet Monitor menu, then on the “Monitor Filter” tab. Check the “Enable Filter Based On The Firewall Rule” box and then enter the packet types you want to capture into the corresponding text boxes.