Remote Packet Capture; Wireshark - Cisco WAP125 Administrator's Manual
Wireless-ac/n dual band desktop access point with
poe
Hide thumbs
Also See for WAP125:
- Quick start manual (13 pages) ,
- Manual (10 pages) ,
- Quick start manual (14 pages)
Table of Contents
Advertisement
Troubleshoot
Remote Packet Capture
The Remote Packet Capture feature enables you to specify a remote port as the destination port for packet
captures. This feature works in conjunction with the Wireshark network analyzer tool for Windows. A packet
capture server runs on the WAP device and sends the captured packets through a TCP connection to the
Wireshark tool. Wireshark is an open source tool and is available for free; it can be downloaded from
/www.wireshark.org/.
A Microsoft Windows computer running the Wireshark tool allows you to display, log, and analyze the
captured traffic. The remote packet capture facility is a standard feature of the Wireshark tool for Windows.
The Linux version does not work with the WAP device.
When the remote capture mode is in use, the WAP device does not store any captured data locally in its file
system.
If a firewall is installed between the Wireshark computer and the WAP device, the traffic for these ports must
be allowed to pass through the firewall. The firewall must also be configured to allow the Wireshark computer
to initiate a TCP connection to the WAP device.
To initiate a remote capture on a WAP device:
Step 1
Select Troubleshoot > Packet Capture.
Step 2
For the Packet Capture Method, click Stream to a Remote Host radio button.
Step 3
In the Remote Capture Port field, use the default port (2002), or if you are using a port other than the default, enter the
desired port number used to connect Wireshark to the WAP device. The port range is from 1025 to 65530.
Step 4
There are two modes for packet capture.
• All Wireless Traffic — capture all wireless packet in the air.
• Traffic to/from this AP — capture the packet sent from the AP or the AP received.
Step 5
Next, check Enable Filters. Then choose from the following options:
• Ignore Beacons — Enables or disables the capturing of 802.11 beacons detected or transmitted by the radio.
• Filter on Client — Specifies the MAC address for WLAN Client filter. Note that the Client filter is active only
when a capture is performed on an 802.11 interface.
• Filter on SSID — Select a SSID name for packet capture.
Step 6
If you want to save the settings for use at another time, click Save. However, the selection of Remote as the Packet
Capture Method is not saved.
Step 7
Click Start Capture to start the capture. To stop the capture, click Stop Capture.
Wireshark
First, download Wireshark and install it on your computer. You can download Wireshark from
www.wireshark.org/.
Cisco WAP125 Wireless-AC/N Dual Band Desktop Access Point with PoE
Remote Packet Capture
https:/
https://
101
Hide quick links:
Advertisement
Table of Contents
