This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to understand the wireshark captured packet problem?

0

I have a linux-based Firewall/Router (IPtables) in my network. When I change Default gateway of client to the Firewall, I can ping, traceroute, telnet google.com 80 ... but can't browse via Browsers (IE, Chrome, FireFox without any proxy config). How can I analyse my tcp packet and understand the problem?

asked 08 Apr '14, 23:58

q12345's gravatar image

q12345
11112
accept rate: 0%


One Answer:

0

but can't browse via Browsers (IE, Chrome, FireFox without any proxy config)

Maybe you just believe there is no proxy config, while there is one. What do you get if you run the following command on the client

telnet wpad 80

or

telnet wpad.your-internal-domain 80

Do you get a connection?

If so, please uncheck the following option in your browser and try again:

Firefox: Disable the option "Autodetect Proxy for this network" and select the option "no proxy".

Please read about Web Proxy Auto-Discovery Protocol (WPAD): http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol

If wpad isn't an issue in your environment, please post a sample capture file somewhere (google drive, dropbox, cloudshark.org) and post the link here.

Furthermore check the firewall logs ;-))

Regards
Kurt

answered 09 Apr '14, 14:10

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%