[ATP/FLEX] How to capture packets on Nebula Firewall Local WEB GUI?

Zyxel_Cooldia Posts: 1,483  Zyxel Employee
First Anniversary 10 Comments Friend Collector First Answer
edited June 2023 in Maintenance


Packets analysis is a common troubleshooting technique for network administrators, and is also used to examine network traffic for security threats, performance, and connection issues. This example illustrates how to capture packets on Nebula Firewall Local WEB GUI.


You may skip step 1) if you access Firewall WEB GUI from LAN interface of the device.

1)   Create a security policy to allow HTTPS service from wan interface. By default, it is unable to access device WEB GUI HTTPS from wan interface when the device is managed by nebula.

Go to Configure > Firewall > Security Policy.

In Implicit allow rules, there is no implicit rule to allow WEB GUI access from wan to Device TCP 443 port. Click Add to create a security policy rule to allow TCP 443 access from wan.

Action = Allow

Protocol = TCP

Source = Any

Destination = Device

Dst Port = 443

*For security concern, we strongly suggest you add trusted IP to Source IP, instead of any.

Click Save to commit setting to Nebula.

2)   Go to Configure > Site settings to check local credentials.

3)   Open a browser to connect Firewall wan interface IP https://X.X.X.X.

Click “Network Test Tools”, and log in with local credentials.

Account: support

Password: Copy from Configure > Site settings > Local credentials

4)   Go to Maintenance > Packet Capture to capture packets.

Now we can select interface and set up filter to start capture packets.

Interface: Select available Interface and click the right arrow button to move them to the Capture Interfaces list.

Protocol: Select the protocol of traffic for which to capture packets. Select any to capture packets for all types of traffic.

Host IP: Select a host IP address object for which to capture packets. Select any to capture packets for all hosts. Select User Defined to be able to enter an IP address.

Host port: Specify the port number of the traffic to capture.

Click Capture to start capturing network traffic.

5)   Click Stop to stop capturing traffic.

6)   Now we can download from Captured Packet Files

Click a file to select it and click Download to save it to your computer.

Want a FREE Access Point? Participate in our campaign and share your network setup for a chance to win! https://bit.ly/3z9MJPB