As was recently announced the packet capture tool will now default to download a pcap file with a much more descriptive file name. As a big fan of Wireshark and the packet capture ability, I think this is a great change. The view output below while useful leaves out a lot of information that is vital to troubleshooting. Wireshark is an open-source tool that allows you to see at a packet level what is going across your network.
I wanted to take this opportunity to share a kb article that I wrote about how to use Wireshark. It's a getting started guide to using Wireshark to analyze packet captures. The great thing about dashboard packet captures is that you don't have to be on-site to do them! Performing a packet capture can show us exactly what packets are being sent and the response (if any). This is meant as a getting started guide, there are a lot of resources out there that go into much greater detail about how to analyze packet captures.
Whether it's an AutoVPN tunnel that's not forming or clients aren't getting an IP address, Wireshark is an invaluable tool in determining what is happening to the packets. Hopefully, this primer is helpful. If it can save even just a few minutes of troubleshooting then it's well worth it.
Everyone seriously working with Meraki needs to know proper wireshark capturing.
Since we don't have any debugging tools on Meraki products (please add!) we are mostly relying on network knowledge of protocols and expected behaviors in combination with packet captures to figure it out.
It's a nice getting started article 🙂
BTW: a Meraki AP only captures incoming frames. Not outgoing frames! Just a gotcha.
LOL, just read this by accident! Wondered the last days when I wanted to do captures because the first thing I used to do is changing output mode to pcap.