Using Wireshark to troubleshoot

CN
Meraki Alumni (Retired)
Meraki Alumni (Retired)

Using Wireshark to troubleshoot

Hello Community,

 

As was recently announced the packet capture tool will now default to download a pcap file with a much more descriptive file name. As a big fan of Wireshark and the packet capture ability, I think this is a great change. The view output below while useful leaves out a lot of information that is vital to troubleshooting. Wireshark is an open-source tool that allows you to see at a packet level what is going across your network.  

 

I wanted to take this opportunity to share a kb article that I wrote about how to use Wireshark. It's a getting started guide to using Wireshark to analyze packet captures. The great thing about dashboard packet captures is that you don't have to be on-site to do them! Performing a packet capture can show us exactly what packets are being sent and the response (if any). This is meant as a getting started guide, there are a lot of resources out there that go into much greater detail about how to analyze packet captures.

 

Whether it's an AutoVPN tunnel that's not forming or clients aren't getting an IP address, Wireshark is an invaluable tool in determining what is happening to the packets. Hopefully, this primer is helpful. If it can save even just a few minutes of troubleshooting then it's well worth it. 

 

Getting started on Packet Captures with Wireshark

 

 

6 REPLIES 6
PhilipDAth
Kind of a big deal
Kind of a big deal

Is this bit meant to be publically visible?

 

1.PNG

PhilipDAth
Kind of a big deal
Kind of a big deal

Great article.  You hit on everything I think is important.

rwiesmann
A model citizen

Thanks, great post!

QLSteve
Getting noticed

 Very helpful resource! Thank you for putting it together.

GIdenJoe
Kind of a big deal
Kind of a big deal

Everyone seriously working with Meraki needs to know proper wireshark capturing.

Since we don't have any debugging tools on Meraki products (please add!) we are mostly relying on network knowledge of protocols and expected behaviors in combination with packet captures to figure it out.

It's a nice getting started article 🙂

 

BTW: a Meraki AP only captures incoming frames.  Not outgoing frames!  Just a gotcha.

theshmike
Getting noticed

LOL, just read this by accident! Wondered the last days when I wanted to do captures because the first thing I used to do is changing output mode to pcap.

 

Awesome change!

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.