Mirror the port that comes from the inside or outside interface of the firewall. Then take a laptop, put it on the mirrored port, load the sniffing program of your choice, create a capture filter with this systems IP address, and let it begin collecting traffic. Thats the easiest way I can think of. Hope that helps,
Erik