When troubleshooting internet connection speed issues with Kerio Control, you may need to capture traffic on the server-side of the Kerio Control server as part of your investigation. To do so, please follow the process below.
- Download the tcpdump file to your computer.
- Login to Kerio Control via SSH and make the system read/writable:
mount -o rw,remount /
- Logout from Kerio Control.
- Upload the file to the Kerio Control server:
scp tcpdump root@[IP_address_of_Control]:/root
- Login to Kerio Control via SSH and make the file executable:
chmod +x tcpdump
- Start traffic capture on the server, redirecting the output in a file:
./tcpdump -i <interface name> -w <filename>
./tcpdump -i eth1 -w mycap.pcap
The interface name can be shown in Kerio Control Webadmin -> Configuration -> Interfaces -> System name column.
Note: Do not execute TCPdump with the output to your screen; this may overload the machine, and you will need to disconnect from the server to stop the command.
- After the necessary network behavior was captured, cancel the operation (CTRL + C). Exit from the Kerio Control server and transfer (SCP) the file from Kerio Control to your local PC.
- Analyze the file via a Network analyzer such as Wireshark. The example network capture for updating Kerio Control Antivirus is attached below (mycap.pcap).