Home > General Administration > Tools and Troubleshooting > Installing and using Wireshark for packet captures on a client device

Installing and using Wireshark for packet captures on a client device

Table of contents
No headers
Wireshark is a utility that will display the packets seen by a device. Packets contain the data that is transmitted between computers. Viewing this information can often aid in the diagnosis of issues that may be occurring in a network. It is possible for a device to not see all packets transmitted on a network if a device is hardwired. In this instance, the device may only see broadcast packets and packets addressed to itself due to the functionality of modern networking equipment.

Installation:
Please visit Wireshark's download page to download Wireshark. When downloading, simply follow the prompts. 

Taking a Capture:
  1. Open Wireshark.
    0ec313da-05ff-423a-b945-df95243ee34b

  2. Select a capture interface. This will either be your wireless interface or your local area connection.
    a595c679-8fde-4c96-a2ae-4d7c8adc8a30

  3. Click start. This will take you to a new window that will show the packets that the device is picking up. 
    43c3e4d9-9bb2-4438-89ba-dfa7ee052502
  4. When the desired packets have been obtained click stop. 
    4ad99c95-87cc-47ce-b80f-591288b8a04b
  5. Save the capture with a distinct name. 

In certain instances, it can be beneficial to filter a capture for a specific clients IP address or for a specific type of traffic. This filtering can be done prior to the capture as well as after the capture. If this is required, a support technician will inform you of the filter that he would like you to apply. This filter is applied in the filter box in Wireshark. 

 

  1. Select the filter box.
    87bd5fdb-5787-4910-acec-d4cd4ebc1b56


  2. Input filter string as provided by support engineer. 
    88e31119-98d0-4ab0-b2a0-dbed7a5eab0d

  3. Click "Apply".
    e87a2b5c-a630-4a5f-937c-53cba083b06b

  4. To save the filtered data, go to File -> Export Specified Packets...

    4fd26056-7535-4986-a38f-a50b2ff0ea83

  5. Make sure that the "Displayed" radio button is checked and that the file has a unique filename. Once this is complete, select "Save".
    b0f14041-a6b5-44d6-8b80-95637d737c20 



You must to post a comment.
Last modified
09:40, 3 Feb 2015

Tags

Classifications

This page has no classifications.

Article ID

ID: 1815

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case

Ask the Community

In the Meraki Community, you can find answers provided by fellow Meraki users and ask questions of your own.

Visit the Community