How to take a customized packet captures in ClearPass Policy Manager for troubleshooting purposes?
In 6.6.0 onwards, we can take a customized packet captures from the server.
We can collect the packet captures with specific to any of the following:
1. Packets from a specific Source IP address
2. Packets to a specific Destination IP address.
3. Packets from a specific Source Port.
4. Packets to a specific Destination Port.
5. Packets of a specific protocol (i.e.,UDP, TCP, ICMP, IP, IPv6, ARP, RARP, FDDI, DECNET, WLAN).
We can collect the packets upto to the size of 1024MB and upto 99999 packets.
Note: We can collect the packets with the duration upto 1000 Seconds.
From the Web GUI, Navigate to the following location:
Administration » Server Manager » Server Configuration » Collect Logs » Check the box saying "Capture network packets Duration of dump" and set the duration upto 1000 seconds.
Then, we could check another check box at the bottom of the pop up page saying "Advanced Options for Packet Captures".