TCPDump on RED10

Hi community,

in one of our remote sites, users are complaining about network problems (internet / intranet websites responding slowly, bad VoIP-quality, etc.)

I can rule out server problems, and the VPN-connection between the RED and the central Sophos UTM-firewall is far from being used at its capacity.


Therefore, I would like to run a TCP-Dump on the RED, but how ?

Is there anyone who can supply a guide on how to sniff packets on a RED ?


Thank you very much in advance.



  • Hallo Tobias,

    You didn't say what the uplink speed is at the HQ location.

    You can get the interface for the RED named "Bielefeld" to sniff with:

    cc get_object_by_name itfhw red_server 'Bielelfeld'|grep \'hardware

    Before you do that, do #1 in Rulz.  Any luck with that?

    You also might want to run ifconfig on the Internal and External interfaces and then review #7.

    Cheers - Bob