SCP support is provided in SFOS 16.05 MR7 firmware and on. This article describes how to capture packets and download the PCAP from the Sophos XG Firewall using the PSCP utility or a web browser. The following sections are covered:
Applies to the following Sophos products and versions Sophos Firewall 16.05.7 MR7 onwards
Follow the steps below to create a packet capture on the Sophos XG Firewall and download it via the PSCP utility or from a web browser.
tcpdump filedump 'host x.x.x.x -s0
cp /tmp/data/tcpdump.pcap /tmp/data/tcpdump1.pcap.
Follow the steps below to download the packet capture from the Sophos XG Firewall to a Windows machine using the PSCP utility.
pscp.exe -scp admin@server_ip_address:source_location destination_location
mount -w -o remount /
cp /tmp/data/tcpdump.pcap /usr/share/userportal/tcpdump.pcap
https://<XG Firewall IP:Port>/tcpdump.pcap
rm -rf /usr/share/userportal/tcpdump.pcap mount -r -o remount /
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.