Filter
Top Products
Administration
Packet Capture
Cisco Small Business WAP551 and WAP561 Wireless-N Access Point 48
3
When remote capture mode is in use, the WAP device does not store any captured
data locally in its file system.
If a firewall is installed between the Wireshark computer and the WAP device, the
traffic for these ports must be allowed to pass through the firewall. The firewall
must also be configured to allow the Wireshark computer to initiate a TCP
connection to the WAP device.
To initiate a remote capture on a WAP device:
STEP 1 Click Administration > Packet Capture.
STEP 2 Enable Promiscuous Capture.
STEP 3 For the Packet Capture Method, select Remote.
STEP 4 For the Remote Capture Port, use the default port (2002), or if you are using a
port other than the default, enter the desired port number used for connecting
Wireshark to the WAP device. The port range is from 1025 to 65530.
STEP 5 If you want to save the settings for use at another time, click Save.
STEP 6 Click Start Capture.
To initiate the Wireshark network analyzer tool for Microsoft Windows:
STEP 1 On the same computer, initiate the Wireshark tool.
STEP 2 In the menu, select Capture > Options. A popup window appears.
STEP 3 At Interface, select Remote. A popup window appears.
STEP 4 At Host, enter the IP address of the WAP device.
STEP 5 At Port, enter the port number of the WAP. For example, enter 2002 if you used the
default, or enter the port number if you used a port other than the default.
STEP 6 Click OK.
STEP 7 Select the interface from which you need to capture packets. At the Wireshark
popup window, next to the IP address, there is a pull-down list for you to select the
interfaces. The interface can be one of the following:
Linux bridge interface in the wap device
--rpcap://[192.168.1.220]:2002/brtrunk
Wired LAN interface
-- rpcap://[192.168.1.220]:2002/eth0
VAP0 traffic on radio 1