This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hi all, i am using Wireshark 1.8, and the problem is that, i am unable to capture the packets other than SYN. that is i am sure the connectivity is working fine, i can use HTTp web pages also, but while capturing i am only getting the SYN packet. nothing else. i am using 2950 cisco switch. Then i tried to run Wireshark for the interface in my PC, without using monitoring configurations in the switch, then i am able to see all the packets. I am using windows XP, and CA Total defence antivirus is working in the machine. I tried after disabling the anti virus, but still its like the old. Pls help with valuable suggestions..

SW-1#sh moni
Session 1
---------
Type              : Local Session
Source Ports      :
    Both          : Fa0/24
Destination Ports : Fa0/3
    Encapsulation : Native
          Ingress: Disabled
This question is marked "community wiki".

asked 14 Mar '13, 08:28

Unni's gravatar image

Unni
11112
accept rate: 0%

edited 14 Mar '13, 08:35

grahamb's gravatar image

grahamb ♦
19.8k330206


If I understand your question right, this may help.

Sounds like you need to SPAN the switch port. When you set up the SPAN in the Cisco switch you have to also allow your own computers traffic to traverse the monitor port in the switch by setting the allow traffic option.

Hope this is helpful, John

permanent link

answered 17 Mar '13, 14:23

John_Modlin's gravatar image

John_Modlin
1205
accept rate: 0%

Hi..

i have figured out the issue :) it is because of the anti virus ... i am running CA HIPS in my PC.. after trying with another machine, its working fine,... thanks.. and John, i am already running SPAN in the switch.. the configuration i have given is for SPAN configuration.. thank you ..

permanent link

answered 17 Mar '13, 22:06

Unni's gravatar image

Unni
11112
accept rate: 0%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×55
×33
×3
×1

question asked: 14 Mar '13, 08:28

question was seen: 2,826 times

last updated: 17 Mar '13, 22:06

p​o​w​e​r​e​d by O​S​Q​A