Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Capturing packets for troubleshooting network-related issues in InterScan Messaging Security Virtual Appliance (IMSVA)

    • Updated:
    • 6 May 2020
    • Product/Version:
    • InterScan Messaging Security Virtual Appliance 8.2
    • InterScan Messaging Security Virtual Appliance 9.0
    • Interscan Messaging Security Virtual Appliance 9.1
    • InterScan Web Security Virtual Appliance 5.6
    • ServerProtect for Linux 3.0
    • Platform:
    • N/A
Summary

A data packet capture file is needed for troubleshooting network communication issues.

Details
Public

When you suspect an issue is related to a network problem, and the issue can be reproduced or can be seen frequently, please use the following steps to collect packet capture for further analysis:

  1. SSH to IMSVA and login with root account.
  2. Run the tcpdump command:
    tcpdump -i eth0 -s0 -w /var/app_data/troubleShootingIMSVA.pcap
     
    • Replace "eth0" in the command above if your IMSVA is using other port as IMSVA data port.
    • To avoid generating too huge packet capture file, or if the issue doesn't show up in an hour, please contact Trend Micro Support to get a more fine-tuned command line for your IMSVA's issue.
    • For details on tcpdump command usage, refer to this article which contains options to help you narrow down the capture scope.
  3. Reproduce the issue or wait for the issue to re-occur. It is better to enable the debug log from the web UI before reproducing the issue, so debug logs can be collected in the meantime.
  4. Once the issue is reproduced, press key combination CTRL + C to stop the packet capture.
  5. Compress the pcap file using the following command:
    tar cvzf /var/app_data/pcap.tar.gz /var/app_data/troubleShootingIMSVA.pcap
  6. Collect /var/app_data/pcap.tar.gz with scp command or tools like WinSCP.
  7. Export the debug files from the web UI so you can cross-reference the debug logs and packet capture to efficiently troubleshoot network issues.
Premium
Internal
Partner
Rating:
Category:
Troubleshoot
Solution Id:
1096599
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.