This article describes the procedure for downloading the captures from the SSL Visibility appliance and then using Cygwin to generate them.
This is a good solution to avoid running pscp.exe and dealing with the user / folder permissions.
In addition, it shows the utilization of filters and select interfaces.
Steps for downloading the captures:
> capture reset
> capture select 1 2 3 4 (interfaces for taking the capture)
> capture filter src-ip xx.xxx.xx.xx (host ip) dst-ip yy.yyy.yy.yy (destination IP)
* setting up the filter is an option, in case we need to catch all the traffic we just not write the filter line. *
> capture start
After allowing the required time, enter:
> capture stop
Capture file available via scp
Linux/Mac: scp <user>@<appliance>:pcap_20160930200814_20160930200841.tar.gz pcap_20160930200814_20160930200841.tar.gz
Windows: pscp.exe -scp <user>@<appliance>:pcap_20160930200814_20160930200841.tar.gz pcap_20160930200814_20160930200841.tar.gz
scp <user>@<appliance>:pcap_20160930200814_20160930200841.tar.gz pcap_20160930200814_20160930200841.tar.gz
In this example it will be:
scp [email protected]:pcap_20160930200814_20160930200841.tar.gz pcap_20160930200814_20160930200841.tar.gz