Hi,
I have the topology as showing here https://imgur.com/a/xB09y . I need to prove to my supplier which I connect through via reth2.0 that traffic is leaving my device correctly. To do this I want to do a packet capture and send it to them. Using the below settings a pcap is created but it doesnt contain any traffic for reth2.0 which should be 10.x.x.x. Instead it seems to contain traffic from reth1.0 mainly broadcast from a server with IP of 192.168.1.3. FYI far end sip server is on 100 network incase you think I've made a typo.
Some help would be great I've been on this a while 
edit forwarding-options packet-capture
set file filename mytrace
set file size 5m
set maximum-capture-size 1500
set firewall filter PCAP term 1 then sample
set firewall filter PCAP term 1 then accept
set firewall filter PCAP term 2 then sample
set firewall filter PCAP term 2 then accept
set firewall filter PCAP term allow-all-else then accept
set interfaces reth2 unit 0 family inet filter output PCAP
set interfaces reth2 unit 0 family inet filter input PCAP
commit
I have tried the same filter but on reth1 and source / destination completed and I do see traffic from 192.168.1.100 > 100.0.55.30. But really I need to see a pcap showing the traffic leaving reth2 as thats the interface which my provider is connected too.
If I so show security flow session destination-prefix 100.0.55.30 I get, where to me the 0 Pkts seems wrong?:
Session ID: 914732, Policy name: inside-zone-outbound/17, State: Backup, Timeout: 1808, Valid
In: 192.168.1.100/5060 --> 100.0.55.30/5060;udp, Conn Tag: 0x0, If: reth1.0, Pkts: 0, Bytes: 0
Out: 100.0.55.30/5060 --> 10.0.5.100/5060;udp, Conn Tag: 0x0, If: reth2.0, Pkts: 0, Bytes: 0