We caught 802.11ax sniffer logs. But the data frames can't be decrypted to UDP packets. Only LLC packets are shown up.
Our sniffer hardware environment is: jetson nano + intel ax200 wifi adapter
Application is carplay music between iphone and infotainment.
First I want to make sure whether it's an known issue. If not, I can upload my sniffer pcap file.
Thanks.
I don't see any issues decoding IP/UDP protocols when capturing and decrypting 11ax frames from an OTA capture with the Intel AX2xx series adapters. An example from Intel Corporation Device 2725 (rev 1a), which is an AX210 on channel 36/80MHz:
Thanks very much for your reply. Maybe the old version AX200 has some issue with UDP packets.
May I know the capture device environment? We are using jetson nano + AX200, it can't be updated to AX210. I'm from General motors wifi team. We are searching for a complete solution for sniffer setup. Thanks.
As described, the AX200 behaves the same as the AX210 for this type of test. The issue is most likely a configuration problem at the Wireshark level; make sure IP and UDP protocols are enabled and also that decryption is occurring correctly.
The sample capture herehttps://wiki.wireshark.org/HowToDecry... has UDP. That should show for you.
For professional use, I prefer x64 processors instead of the maker-type boards which use ARM, mips, etc. I find that for wireless work, I want access to the latest Linux kernel with latest drivers and updates usually show first for these processors and they are ported later into the other processor families. The AX200 and AX210 chips I have are mounted in AMD Ryzen 5 3550H small form factor PCs, as well as standard Dell workstations.
Thanks very much for your reply. We had no problem to decode UDP packets for 802.11ac. So won't be analyzer configuration's problem.
I would try your suggestion - x64 processors station.
We adopted jetson nano because we need a portable sniffer device to do in-vehicle-test conveniently. But Jetson nano didn't release for latest linux kernel, still 4.xx, so can't support latest AX2xx firmware.
Thank you very much for your help.
Hi, Thanks very much for your reply.
I researched further online. We are using WPA3 as the security method. Some articles mentioned it can't be decrypted as the old WPA2 way in Wireshark.
I guess it maybe the reason.
Is your capture using WPA3 or WPA2? If WPA3 would you give me some guidance on how to decode it in Wireshark? Or any other software that works?
Thanks, Jasmine Gu
Have you tried one of the latest (3.5.0) development builds?
Support added here:
ieee80211: Support decrypting WPA3-Personal / SAE captures.
(test captures and keys)
Asked: 2021-07-30 19:48:11 +0000
Seen: 1,279 times
Last updated: Sep 04 '21
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
Still can't decrypt udp packets.
Tried development build.
802.11ax + open security works fine. 802.11ax + wpa2 udp can't be decrypted. 802.11ax + wpa3 udp can't be decrypted.
Both iphone12 pro and pixel610 show the same results.
The sniffer log is https://drive.google.com/file/d/1_lkB... pwd:ssid is 12345678:GMCartest