A VPN tunnel is up. To monitor traffic flow, the administrator enters the following CLI commands on an SSH session on FortiGate: # diagnose debug enable # diagnose sniffer packet any 'udp and port 500' 4 However, the sniffer does not show any output. Assuming default configuration values, what are two possible reasons there is no output? (Choose two answers)

• A. The filter should be modified to also capture packets for TCP port 443 or TCP port 4500.
• B. NAT Traversal is enabled.
• C. The sniffer must be restricted to the remote peer IP address.
• D. The sniffer output will be ignored because running diagnose debug enable shows only application real-time debugs.

Correct Answer: A,B

Brave-Dump Clients Votes