Typical Wireless Packet Capturing TopologyĪssuming the wireless client has Wi-Fi connection problem, we can use the MacBook running with WireShark as the monitoring device near the AP or the wireless client to capture the interactive wireless packets between the Wireless Client and the AP. Note: If the wireless NIC doesn’t support monitor mode, the WireShark cannot capture full 802.11 frames (including 802.11 management, control and data frame) and the WireShark will transfer the 802.11 frame to the fake 802.3 frame which doesn’t have the head info of the 802.11 frame. Some wireless NIC with special driver can also work at monitor mode and capture wireless packets. 2) It has 3x3 radios that can sniff 3 NSS traffic. Modern MacBook is recommended because 1) its wireless NIC driver supports monitor mode. WireShark is available at It’s a free and powerful sniffing and analyzing software. This document will discuss how to capture the wireless packets by using the MacBook and WireShark. Packets capture and analysis are very important for us to troubleshoot when some unexpected wireless connection problems occur such as the wireless client unable to associate with the SSID, the client not obtain an IP address, or intermittent wireless connection, etc.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |