Controllerless Networks

last person joined: yesterday 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

Can 802.11 wireless packages on IAP be de-crypted to troubleshoot an ARP issue?

This thread has been viewed 0 times

  • 1.  Can 802.11 wireless packages on IAP be de-crypted to troubleshoot an ARP issue?

    Posted Sep 29, 2015 08:27 AM

    Hi all,

     

    We are having ARP issues on our IAP105 environment (managed by Airwave).

     

    We are tracing as much as possible, also on wireless packages, just to be sure that ARP messages are actually leaving the wireless device. We use the remote pcap command on the IAP cli.

    pcap start BSSID @IPofcomputer UDPPort format size

     

    However, the packages are of course 802.11 encrypted. Is there any way to de-crypt the packages so we can see the ARP packages?

     

    Thanks for you help!



  • 2.  RE: Can 802.11 wireless packages on IAP be de-crypted to troubleshoot an ARP issue?

    EMPLOYEE
    Posted Sep 29, 2015 08:32 AM

    What encryption are the client devices using?

    Can you install wireshark on the client device?

     



  • 3.  RE: Can 802.11 wireless packages on IAP be de-crypted to troubleshoot an ARP issue?

    Posted Sep 29, 2015 09:03 AM

    Encryption is EAP-TLS

     

    Installing Wireshark is difficult since we can't predict where the problem is going to occur next. We are trying to get netsh tracing on all clients.



  • 4.  RE: Can 802.11 wireless packages on IAP be de-crypted to troubleshoot an ARP issue?

    EMPLOYEE
    Posted Sep 29, 2015 08:49 AM

    Besides mirroring the port the ap is connected to, have you tried the 'debug pkt' command set?

     

    debug pk type arp
debug pkt dump


  • 5.  RE: Can 802.11 wireless packages on IAP be de-crypted to troubleshoot an ARP issue?

    Posted Sep 29, 2015 09:05 AM

    Hi,

     

    What does this do exactly?



  • 6.  RE: Can 802.11 wireless packages on IAP be de-crypted to troubleshoot an ARP issue?

    EMPLOYEE
    Posted Sep 29, 2015 09:10 AM

    It dumps those packet types onto the console.  This includes packets from wireless clients and packets that it is seeing on the wire.

    Not as good as a wireshark...but the next best thing.  Try it.  It's pretty neat.  

    Not sure what code this started on, so if you are on an older version, it may not work.