Packet Captures on Mobile Devices

Last updated
Save as PDF

Overview

When troubleshooting network issues, the best place to start troubleshooting is with the client device. Often times a packet capture will help quickly narrow down the problem. With regular computers, it's easy to just run Wireshark. But to troubleshoot mobile devices it's not as straightforward to get those captures started. This article can be used as a basic guide to get the packet capture up and running on your mobile device.

Apple Devices

Packet captures for iPhone/iPad must be done directly from a Mac.

1. You'll need to make sure that you have downloaded Xcode from the Mac App Store.

Xcode downloaded and ready to run on Mac device.

2. Open Xcode

Xcode landing screen showing options.

3. Navigate to the Menu Bar > Window > Devices, or use the keyboard shortcut Shift + Command + 2.
Window menu found to left of Help. Devices menu option found between "Welcome to Xcode" and "Organizer" options.

4. Make sure that your Apple device is plugged into your computer. Copy the 40-characters-long identifier.

5. Open a Mac Terminal window. Run the following command (replacing the long string with your unique identifier):

rvictl -s 354825d5768de53b8f2e10e26b734f765dxxxxxx

You should get the output that the commanded succeeded (troubleshooting a failure to pair is outside of the scope of this document).

6. Open Wireshark. You can now select the rvi0 interface for your Wireshark capture.

7. Troubleshoot as necessary. Here you can see that an iPhone connecting to meraki.cisco.com was filtered.

Example Wireshark packet capture output shown.