Controller-less WLANs

 View Only
last person joined: one year ago 

Articles relating to existing and legacy HPE Aruba Networking products and solutions including IAP, Central / HPE Aruba Networking Central, MSR, and Outdoor Mesh
Back to Library

How to configure wireshark to receive packet capture from Instant AP? 

Jul 03, 2014 10:55 PM

Introduction :

 

Wireless packet capture is basically enabled on a BSSID of an Instant AP and the captured frames are pushed to a wired PC running packet capture utility such as, Wireshark.  It is general practice to use Aruba UDP port 5555 to destined the captured traffic.
 

Feature Notes :

 

  • New versions of Wireshark do not come with ARUBA_ERM port pre-configured
  • One can download the Aruba version of Wireshark from Aruba Support site
  • The wired station running packet capture application need not necessary to be in same subnet. It can be across subnets as along a IAP has good IP connectivity.

 

EnvironmentThis article applies to Aruba Instant Access Points and Aruba Mobility Controllers.

 

Network Topology : Aruba IAP   ----->  Wired Station running packet capture application.

 

Configuration Steps :

 

Configure the Wireshark as below to see the captured frames:

 
  1. Download the latest version of Wireshark. If you already have installed, update it to the latest.
  2. Open Wireshark and then go to  Edit ---> Preferences





    3.   Expand "Protocols" and find "ARUBA_ERM"   [ERM stands for Encapsulated Remote Mirroring]







    4. Mentioned the value for "ARUBA_ARM UDP Port numbers"  as 5555.

    (NOTE:  This value should be same as the port number mentioned in the "pcap start" command on IAP)


    5. Now start the capture and use the filter as "wlan"




Statistics
0 Favorited
39 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.