Ask Your Question
0

capture traffic on an access point

asked 2019-02-18 12:15:18 +0000

atom gravatar image

We are having some problems at my Bridge club where we use tablets to do scoring. The result of a hand is sent over wifi to the scoring machine but sometimes a tablet reports "no response" and we usually have to turn wifi off and on on a tablet to get it to work again.

I would like to use wireshark to capture the transaction between a tablet and an access point when it goes wrong. I can find out the IP address of the access point and the tablet and I know how to filter in wireshark but how do I tell wireshark to monitor the traffic on the remote access point. I assume my laptop needs to be connected to the same LAN as the access point.

By the way, I tried wireshark out at my home with the Bridge scoring software running and my tablet reported an error - it didn't get the feedback from the scoring machine that it was supposed to. When I looked in wireshark it said "TCP out of order" i.e. wireshark reported the fault and it was a real fault. Any idea what this fault means? I wouldn't have thought this was possible - TCP should retry and get the data through but it didn't and the tablet reported "no response".

Thanks for any help.

edit retag flag offensive close merge delete

Comments

You would need AirPcap to capture wireless traffic between your AP and a tablet. Alternatively some WiFi adapters can be set to monitor mode in Linux.
Linux compatible USB adapters

AirPcap link

net_tech gravatar imagenet_tech ( 2019-02-18 12:45:59 +0000 )edit

thank you so TP-Link TL-WN722N V1 Atheros AR9271 2.4GHz 802.11N External is our choice since other models are less known

darius gravatar imagedarius ( 2019-02-18 12:56:52 +0000 )edit

@net_tech Thanks

atom gravatar imageatom ( 2019-02-18 20:24:04 +0000 )edit

Is the comment from darius spam?

atom gravatar imageatom ( 2019-02-18 20:24:26 +0000 )edit

Presumably the bridge scoring software is running on a server somewhere, is that run by your or somewhere out on the internet?

Capturing the WiFi traffic is a lot harder than capturing over a wired network, and if you can arrange the latter you should do so. Either capture on the AP itself it it supports capturing or by a tap or switch with a mirror port upstream of the AP. There are Wiki pages on WLAN Capture and Ethernet Capture that might help.

Before you dive into capturing though, you must understand the "system" and what traffic is occurring and then plan your capture points, especially as this is an intermittent problem. Presumably the tablets connect to the AP and that then routes traffic to the bridge scoring software running on a server somewhere. The application on the tablet or the server, or the AP itself may have log ...(more)

grahamb gravatar imagegrahamb ( 2021-06-19 13:04:16 +0000 )edit
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2021-06-18 21:16:14 +0000

eleengreen gravatar image

Best is to get a monitor mode wifi adapter with Atheros AR9271 chipset

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2019-02-18 12:15:18 +0000

Seen: 1,414 times

Last updated: Jun 18

Copyright Wireshark Foundation, 2017-2020 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2