Controllerless Networks

Hi,

Is it possible to do a packet capture to Wireshark on an Instant AP, if so how do I do it ?

I see there are a number of debug commands on the CLI,  how do I turn on user debugging and view the debuh logs ?

Thanks

Lee

General Debugging is done via the WebUI under the Support tab.

Aruba Instant version 6.1.2.3-2.0.0.3 and above have the pcap command to do the wireless packet capture on the IAP. This command is not exposed on the Web UI and has to run from the CLI.

1. Enable Telnet option to the IAP. By default Telnet or terminal access is disable.

2. Use "show ap monitor status" to identify the base BSSID.

WLAN Interface
---------------
bssid              scan    monitor  probe-type  phy-type        task   channel  pkts
-----              ----    -------  ----------  --------        ----   -------  ----
'''00:24:6c:ae:81:68'''  enable  enable   m-portal    80211a-HT-40    tuned  149+     360116135
'''00:24:6c:ae:81:60'''  enable  enable   sap         80211b/g-HT-20  tuned  11       172543704

In the example above, the base bssid for 80211a is "00:24:6c:ae:81:68" and "00:24:6c:ae:81:60"

3. Use "pcap start <base bssid> <ip address of PC with Aruba version of Wireshark installed> <port> 0 1518"

Example:
pcap start 00:24:6c:ae:81:68 10.163.148.35 5555 0 1518 

4. Use "show pcap" to check the active pcap session

Packet Capture Sessions
-----------------------
pcap-id  filter  type  intf               channel  max-pkts  max-pkt-size  num-pkts  status       url  target
-------  ------  ----  ----               -------  --------  ------------  --------  ------       ---  ------
1                raw   00:24:6c:ae:81:68  149                                        in-progress       10.163.148.35/5555

5. Use "pcap stop <base bssid> <pcap-id> to stop the capture

Example:
pcap stop 00:24:6c:ae:81:68 1

6. Run the Aruba version of Wireshark on the PC, on the capture interface, select ARUBA udp-port=5555

Hi Marcus,

That is excellent information, thank you.   One thing I can't quite work out how to do is debug the user as we can do on the controllers.

On the controller, I would issue a "logging level debugging user-debug <mac<" command, which would turn on user-debugging for a particular client

Then I would issue a "show log user-debug 50" command to see those logs.

Can you explain how I could achieve this with Instant (or advise on a better way) ?

Thanks

Lee

I'm using version 6.2.0.0-3.2.0.0 and am trying the pcap command but keep getting the following error.

Command Failed:Invalid AP RADIO BSSID Address,check by 'show ap details' 

Is this command still supported in 6.2.x cause there is no mention of it in the user guide?

Works for me on 3.2.0.1 on an IAP-135.   Which model are you using? This is not mentioned in the current Users Guide as the CLI is currently not documented or supported.

using an iap105 with v 3.2.0.0 and an iap93 with v 3.2.0.1 and same thing everytime.

Command Failed:Invalid AP RADIO BSSID Address,check by 'show ap details'

There is no such 'show ap details' command either.

Michael-

Are you using "show AP details" or "show ap monitor status" to identify the base BSSID.  Use "show ap monitor status" .

PM me or post the entire output as I documented the process so I can see where the issue is occuring.  I am traveling right now and will be able to try this Friday.

right you are sir.  I was using 'show ap bss-table' to get the bssid.

But then again, the base bssid is not the 'in the air' bssid that is seen.

Nevertheless, I can do it now.  :smileyvery-happy: