Ask Your Question

Revision history [back]

want to study IoT device on LAN

I have an IoT device on my local network - has a touch screen to initiate some service requests from a remote internet host but it is otherwise inscrutible.

My setup is a private address space subnet/LAN with internet/WAN via 4G D-Link Wireless Router acting as DHCP host and gateway. There is no proxy or other stuff on this simple network.

I have my windows PC with Wireshark connected via ethernet on the D-Link and served up a reserved IP.

The D-Link is the default gateway at, no firewalling, no NAT, VPN, DMZ or other stuff.

The IoT Device is also connected to the D-Link by ethernet and reserved up


In Wireshark I can easily enough see the IoT device responding to ping on my Windows Laptop.

The web-browser admin session with the IoT device also shows session info [ <->] easily enough.

I have simply used the filter ip.addr ==

What I am trying to observe/study is the frequency of calls from the IoT device to an internet service to get tasks. Is this a case where I cannot capture this from a (promiscuous) adapter on the local LAN - because they are not broadcast, but point to point going only from -> -> [Remote Host]

I can trigger a remote host connection with a touchscreen action on the IoT device.

I know it is then establishing an https session with a remote host but I want to then see how often in the background it is repeating these remote host connections. I have not worked out if it is even possible without perhaps a wiretap or something to observe these client to server requests from the IoT client to the remote host?

I hope is this clear enough to give a knowledgable wireshark user the kind of beginner ignorance I suffer from in this case.