This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

TCPDump on RED10

Hi community,

in one of our remote sites, users are complaining about network problems (internet / intranet websites responding slowly, bad VoIP-quality, etc.)

I can rule out server problems, and the VPN-connection between the RED and the central Sophos UTM-firewall is far from being used at its capacity.

 

Therefore, I would like to run a TCP-Dump on the RED, but how ?

Is there anyone who can supply a guide on how to sniff packets on a RED ?

 

Thank you very much in advance.

Regards

Tobias



This thread was automatically locked due to age.
  • Hallo Tobias,

    You didn't say what the uplink speed is at the HQ location.

    You can get the interface for the RED named "Bielefeld" to sniff with:

    cc get_object_by_name itfhw red_server 'Bielelfeld'|grep \'hardware

    Before you do that, do #1 in Rulz.  Any luck with that?

    You also might want to run ifconfig on the Internal and External interfaces and then review #7.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA