Run Diagnostic Tasks on Your Firebox

You can use the Fireware Web UI Diagnostics tool to find diagnostic information for your Firebox, to learn more about a log message, or to review information in your Firebox log messages to help you debug problems on your network. You can ping the source or destination IP address, trace the route to the source or destination IP address, look up DNS information for an IP address, or see information about the packets transmitted across your network (TCP dump). You can also include arguments in your task details to narrow the results.

To run diagnostic tasks for your Firebox:

  1. Select System Status > Diagnostics.
    The Diagnostics page appears with the Diagnostics File tab selected.
  2. Select the Network tab.
    The Network page appears.

Screen shot of the System Status > Diagnostics page

  1. Run a diagnostic task, as described in the next sections.

Run a Basic Diagnostics Command

  1. From the Task drop-down list, select a command:
    • Ping
    • traceroute
    • DNS Lookup
    • TCP Dump
      If you select Ping, traceroute, or DNS Lookup, the Address text box appears. 
      If you select TCP Dump, the Interface text box appears.
  2. If you select Ping, traceroute, or DNS Lookup, in the Address text box, type an IP address or host name.
    If you select TCP Dump, from the Interface drop-down list, select an interface.
  3. Click Run Task.
    The output of the command appears in the Results window and the Stop Task button appears.
  4. To stop the diagnostic task, click Stop Task.

Use Command Arguments

  1. From the Task drop-down list, select a command:
    • Ping
    • traceroute
    • DNS Lookup
    • TCP Dump
  2. Select the Advanced Options check box.
    The Arguments text box is enabled and the Address or Interface text box is disabled.
  3. In the Arguments text box, type the command arguments.
    To see the available arguments for a command, leave the Arguments text box empty.

For information on the TCP dump arguments you can use, go to tcpdump.org. For information on Ping arguments, go to this Ping Linux Man Page.

  1. Click Run Task.
    The output of the command appears in the Results window and the Stop Task button appears.
  2. To stop the diagnostic task, click Stop Task.

Find the IP Address for a Host Name

From your Firebox, you can use the DNS Lookup task to find which IP address a host name resolves to.

  1. From the Task drop-down list, select DNS Lookup.
    The Address text box appears.
  2. In the Address text box, type the host name.
  3. Click Run Task.
    The IP address for the host name you specified appears in the Results list.

Download a PCAP File

From the Diagnostics page, you can download a packet capture (PCAP) file to help you diagnose problems with the traffic on your network. The PCAP file captures the results of the most recent TCP dump task that you run so you can review the protocols found in the task results outside of the Diagnostics page. If you do not save the TCP dump results to a PCAP file, the results of the TCP dump task are cleared when you run a new diagnostic task.

When you enable the Advanced Options to include arguments in the TCP dump task, you must always specify an interface. This can be a physical interface on the Firebox (such as, eth0), a Link Aggregation interface (such as, bond0), a wireless interface (such as, ath0), or a VLAN interface (such as, vlan10). If you specify a VLAN or bridge interface, and the traffic matches a proxy rule, TCP dump only captures the first incoming packet on that interface. To capture all packets, you must run the TCP dump task on the physical interface from where the packets originate.

When you create the PCAP file with the TCP dump data, you choose whether to save the file or open it. To open the PCAP file, use a third-party application, such as Wireshark. You can then review the protocols included in the file and resolve issues in your network configuration.

The maximum size of the PCAP file is 30 MB. If your Firebox has limited memory, the size of the PCAP file is constrained relative to the memory available on your device.

To save the TCP dump data directly to a PCAP file:

  1. From the Task drop-down list, select TCP Dump.
    The Interface drop-down list appears.
  2. Select the Advanced Options check box.
    The advanced options appear.

Screen shot of the TCP Dump task settings to generate a PCAP file

  1. In the Arguments text box, type the parameters for the search. Parameters are case sensitive.
    For example, to capture PCAP data for the default external interface, type -ieth0 or -i eth0.
  2. Select the Stream data to a file check box.
  3. Click Run Task.
    The task runs and the Stop Task button and Open or Save File dialog box appear.
  4. Save or open the PCAP file.
    If you choose to save the PCAP file, specify a location to save the file and a name for the file.
    If you choose to open the PCAP file, select the third-party application to use to open the file.
  5. Click OK.
  6. When the TCP dump has collected enough results, click Stop Task.

For more information about the System Status pages, go to Monitor your Firebox with Fireware Web UI.

Related Topics

Diagnostics

Run the VPN Diagnostic Report

Run VPN Statistical Reports

Firebox TCP Dump Diagnostics video tutorial (7 minutes)