Dec 20, 2014

How to use Wireshark

Hello everyone

In this post, I will introduce how to use Wireshark when you study for CCIE Wireless. I have said before that capture is the magic tool. If you want to become a good wireless engineer, you should be good at using capture tools: Wireshark and OmniPeek.

Wireshark is for wired packet capture and OmniPeek is for wireless packet capture. I will focus on wired packet capture with Wireshark, which you can use to capture CAPWAP packets.

// Where you can download //
https://www.wireshark.org/

// How to capture //
There are three steps.
1. Set the CAPWAP protocol in Wireshark
   Open Wireshark and select [Edit] > [Preferences] > [CAPWAP].

2. Understand your topology and set the capture point
   You should know your topology well, such as which switch port connects to the Access Points (AP) and which switch port connects to the Wireless LAN Controller (WLC). Once you know that, you can use the AP port or the WLC port as the capture point. Someone may ask whether you need to capture both. If you can, it is better to do that. But if you do not have enough PCs, you can select one of them. For example, if you want to see the CAPWAP join process, you can capture the AP port; if you want to see how roaming works, it is better to capture the WLC port.

3. Set a monitor session on the switch
   You can apply the following configuration on your switch:

   ! Source: the port that connects to the WLC/AP
   monitor session 10 source interface Gi2/19
   ! Destination: the port that connects to your PC running Wireshark
   monitor session 10 destination interface Gi1/48
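
Once the monitor session is up, it helps to confirm that the mirrored port really delivers CAPWAP traffic. The following is an added example, not part of the original post: it classifies UDP payloads by the CAPWAP ports and header layout defined in RFC 5415 (control 5246, data 5247). The function name and the sample bytes are constructed for illustration.

```python
import struct

CONTROL_PORT, DATA_PORT = 5246, 5247   # CAPWAP UDP ports (RFC 5415)
MSG_TYPES = {1: "Discovery Request", 2: "Discovery Response",
             3: "Join Request", 4: "Join Response"}

def classify(port, payload):
    """Classify one UDP payload; `port` is the WLC-side UDP port."""
    if port not in (CONTROL_PORT, DATA_PORT):
        return "not CAPWAP"
    channel = "control" if port == CONTROL_PORT else "data"
    if len(payload) < 4:
        return f"{channel}: truncated"
    # Preamble byte: upper 4 bits = version, lower 4 bits = header type
    version, ptype = payload[0] >> 4, payload[0] & 0x0F
    if version != 0:
        return f"{channel}: unknown version {version}"
    if ptype == 1:                      # CAPWAP DTLS header follows
        return f"{channel}: DTLS-encrypted"
    if ptype != 0:
        return f"{channel}: unknown preamble type {ptype}"
    if channel == "data":
        return "data: plain"
    # HLEN = upper 5 bits of byte 1, counted in 4-byte words
    hlen = (payload[1] >> 3) * 4
    if hlen < 8 or len(payload) < hlen + 8:
        return "control: truncated"
    # Control header: message type (32), sequence (8), length (16), flags (8)
    msg_type, seq, _elem_len, _flags = struct.unpack_from("!IBHB", payload, hlen)
    name = MSG_TYPES.get(msg_type, f"message type {msg_type}")
    return f"control: {name} (seq {seq})"

# Constructed sample payloads (not taken from a real capture)
SAMPLE_DISCOVERY = bytes.fromhex("0010020000000000" "0000000107000300")
SAMPLE_DTLS = bytes.fromhex("01000000" "16feff0000000000000000")
SAMPLE_DATA = bytes.fromhex("0010020000000000") + b"\x08\x02" + bytes(22)

if __name__ == "__main__":
    for port, pkt in [(5246, SAMPLE_DISCOVERY), (5246, SAMPLE_DTLS),
                      (5247, SAMPLE_DATA), (53, b"\x00")]:
        print(port, classify(port, pkt))
```

On an AP-port capture of the join process you would expect plain Discovery messages first, followed by DTLS-encrypted control packets.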


Good luck!!