
TCPDump on RED10

Hi community,

In one of our remote sites, users are complaining about network problems (internet / intranet websites responding slowly, bad VoIP quality, etc.).

I can rule out server problems, and the VPN-connection between the RED and the central Sophos UTM-firewall is far from being used at its capacity.

 

Therefore, I would like to run a TCP dump on the RED, but how?

Is there anyone who can supply a guide on how to sniff packets on a RED?

 

Thank you very much in advance.

Regards

Tobias



This thread was automatically locked due to age.
  • Hallo Tobias,

    You didn't say what the uplink speed is at the HQ location.

    You can get the interface for the RED named "Bielefeld" to sniff with:

    cc get_object_by_name itfhw red_server 'Bielefeld'|grep \'hardware

    Before you do that, do #1 in Rulz.  Any luck with that?

    You also might want to run ifconfig on the Internal and External interfaces and then review #7.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA