 | 1 | initial version |
It sounds as if your issue is not decryption, but rather not collecting data traffic, that can be decrypted.
You need to have a capture capability envelope at least as big, or bigger, than the traffic you want to collect. There are many factors to this: band, channel, spatial streams, encoding, and others...
There are lots of questions and answers here on this topic, some are below (there are more). To start, I would reduce the performance of the AP system to something like a or b/g only, i.e. no 802.11n or 802.11ac. See if you then get the data frames you are looking for. Then go from there - the actual process of associating/authenticating will give clues as to the modulation settings that will be used between a device and the AP and you can use this information to specify a new capture system to meet your specific needs. There is no example trace provided so we can't point out where that information exists in your case.
https://ask.wireshark.org/question/1538/no-http-protocols-in-scan-results/#1542
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
