Global ip captures – Nortel Networks NN46110-602 User Manual
Page 107
Chapter 5 Packet capture 107
Nortel VPN Router Troubleshooting
Tunnel captures saved to disk are encapsulated with raw IP encapsulation. When
you convert these files to file formats that do not support raw IP encapsulation
(including Sniffer), L2 encapsulation is required.
You can configure a capture object for an existing tunnel or for tunnels that are not
initiated. You can also enable persistent mode for tunnel capture objects. When
persistent mode is enabled and a captured tunnel disconnects, packet capture
restarts automatically when another tunnel session that matches the capture
criteria begins. Tunnel capture criteria include the following:
•
Tunnel type: user tunnel, branch office, ABOT initiator, or ABOT responder
•
Tunnel protocol: IP security (IPsec), Layer 2 Tunneling Protocol (L2TP),
Point-to-Point Tunneling Protocol (PPTP), or Layer 2 Forwarding (L2F)
•
IP address of the remote peer on the tunnel session
•
User ID (or another criterion to specify the user)
If you start a tunnel capture object and more than one tunnel matches the capture
criteria, only the first tunnel is captured. If no tunnel matches the criteria, packet
capture waits for a tunnel that matches the criteria. If you configure more than one
capture object with the same criteria, the first matching tunnel uses the first PCAP
object, and the next matching tunnel uses the other capture object. This way you
can capture a set of tunnels with the same criteria in different capture files.
For performance reasons, only one capture object runs at a time for a specific
tunnel. Multiple tunnel capture objects can run at the same time, but each object
must capture a different tunnel.
Global IP captures
Global (raw) IP packet capture captures all IP traffic traversing any physical
interface or tunnel on the VPN Router. Only one global IP capture object can run
at one time. Packets are captured as they are encapsulated or decapsulated
(depending on the capture direction that you configure). To restrict the amount of
traffic that a global IP can capture, see