Difference between revisions of "ICX-Alphacom Core tcpdump"
From Zenitel Wiki
ZenitelAus (talk | contribs) |
|||
Line 50: | Line 50: | ||
Close WinSCP. | Close WinSCP. | ||
− | + | ||
==Wireshark== | ==Wireshark== | ||
You can now use Wireshark to inspect the packet trace, or send the trace to Support for further assistance. | You can now use Wireshark to inspect the packet trace, or send the trace to Support for further assistance. | ||
− | + | ||
+ | |||
[[Category: ICX-AlphaCom Platform]] | [[Category: ICX-AlphaCom Platform]] | ||
+ | [[Category: ICX-Core]] |
Revision as of 14:56, 2 June 2022
This article describes how to use TCPdump to take a packet trace from the ICX-AlphaCom Core Ubuntu environment
Contents
Prerequisites
- SSH Console software: PuTTY https://www.putty.org/
- File transfer software: WinSCP (version 5.15.3 used in this guide): WinSCP https://winscp.net/eng/index.php
- Wireshark: https://www.wireshark.org/
- The SSH port (22) enabled in the firewall of the ICX-AlphaCom Core.
Login to the ICX-AlphaCom Core Ubuntu environment
Using PuTTY, enter the IP Address of the ICX-AlphaCom Core Ubuntu environment. SSH (port 22) must be enabled in the firewall.
Login to the Ubuntu console using the login details created during Ubuntu installation.
Alternatively, if you have console access via the physical machine, or you are using a Virtual Machine Host such as VirtualBox or ESXi, you can login via this console.
TCPdump
TCPdump is the linux tool to take a packet trace in the console. To enable a packet trace of all packets into a file named icxcore.pcap in the current directory, use the following command;
sudo tcpdump -s 0 -w icxcore.pcap
You will need to enter the root password for Ubuntu created during installation.
The packet trace will commence immediately, and will only stop when requested to by issuing the escape code CTRL + C.
If your Ubuntu environment has more than 1 Ethernet adapter, you can use the -i flag to choose the correct adapter. Adapter names and IP Addresses are listed at login.
sudo tcpdump -i
There are many options for TCPdump, and you can do further reading here using the command man tcpdump
Copy the file via WinSCP
Using WinSCP, connect to the Ubuntu environment using the IP Address, username and password.
... and copy the capture file to your computer from the Ubuntu environment:
Close WinSCP.
Wireshark
You can now use Wireshark to inspect the packet trace, or send the trace to Support for further assistance.