pfSense Wireshark Packet Capture on Windows with PuTTY on SG-1100

Inspired by latest video. Didn’t find much info on this. Tested working on SG-1100 and Win10 with latest PuTTY.

Load up private key in Pageant.
Add the plink and Wireshark paths to the PATH system environment variable, or use absolute paths to the exes.

Change paths/Ports/IPs/interfaces as needed.

wan:
plink -no-antispoof -P 22 -i C:\Users\<USER>\.ssh\id_rsa.ppk root@192.168.1.1 tcpdump -i mvneta0.4090 -U -w - not tcp port 22 | wireshark -i - -k
lan:
plink -no-antispoof -P 22 -i C:\Users\<USER>\.ssh\id_rsa.ppk root@192.168.1.1 tcpdump -i mvneta0.4091 -U -w - not tcp port 22 | wireshark -i - -k
opt1:
plink -no-antispoof -P 22 -i C:\Users\<USER>\.ssh\id_rsa.ppk root@192.168.1.1 tcpdump -i mvneta0.4092 -U -w - not tcp port 22 | wireshark -i - -k

Enjoy!

2 Likes
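
A check for the stream these commands pipe into Wireshark, as an added example that is not part of the original post: it validates the pcap header that `tcpdump -w -` writes first, so any non-capture bytes that land in the pipe ahead of it are reported rather than handed to Wireshark. `check_pcap_stream` and `constructed_sample` are hypothetical names, and the sample bytes are constructed.

```python
import struct
import sys

# First four bytes of a pcap stream: byte order and timestamp resolution.
MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", "us"),
    b"\xa1\xb2\xc3\xd4": (">", "us"),
    b"\x4d\x3c\xb2\xa1": ("<", "ns"),
    b"\xa1\xb2\x3c\x4d": (">", "ns"),
}

def check_pcap_stream(data: bytes) -> dict:
    """Parse the 24-byte global header, then walk the packet records."""
    if data[:4] not in MAGICS:
        # Anything else at offset 0 means non-capture bytes got into the pipe.
        raise ValueError(f"not a pcap stream, starts with {data[:16]!r}")
    if len(data) < 24:
        raise ValueError("truncated pcap global header")
    endian, resolution = MAGICS[data[:4]]
    major, minor, _tz, _sig, snaplen, linktype = struct.unpack(
        endian + "HHiIII", data[4:24])
    packets, offset = 0, 24
    while offset + 16 <= len(data):
        _sec, _frac, incl_len, _orig_len = struct.unpack(
            endian + "IIII", data[offset:offset + 16])
        if incl_len > snaplen:
            raise ValueError(f"record at offset {offset} exceeds snaplen")
        if offset + 16 + incl_len > len(data):
            break  # last record still in flight; normal on a live stream
        packets += 1
        offset += 16 + incl_len
    return {"version": (major, minor), "resolution": resolution,
            "snaplen": snaplen, "linktype": linktype, "packets": packets}

def constructed_sample() -> bytes:
    """Constructed input: one little-endian header plus one 14-byte record."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 262144, 1)
    frame = bytes(14)  # placeholder Ethernet header, all zeros
    record = struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return header + record

if __name__ == "__main__":
    # Reads until the pipe closes, so use it on a finished or short capture.
    print(check_pcap_stream(sys.stdin.buffer.read()))
```
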

I am getting this error