Hi all, i am using Wireshark 1.8, and the problem is that, i am unable to capture the packets other than SYN. that is i am sure the connectivity is working fine, i can use HTTp web pages also, but while capturing i am only getting the SYN packet. nothing else. i am using 2950 cisco switch. Then i tried to run Wireshark for the interface in my PC, without using monitoring configurations in the switch, then i am able to see all the packets. I am using windows XP, and CA Total defence antivirus is working in the machine. I tried after disabling the anti virus, but still its like the old. Pls help with valuable suggestions..
This question is marked "community wiki".
asked 14 Mar '13, 08:28
edited 14 Mar '13, 08:35
If I understand your question right, this may help.
Sounds like you need to SPAN the switch port. When you set up the SPAN in the Cisco switch you have to also allow your own computers traffic to traverse the monitor port in the switch by setting the allow traffic option.
Hope this is helpful, John
answered 17 Mar '13, 14:23
i have figured out the issue :) it is because of the anti virus ... i am running CA HIPS in my PC.. after trying with another machine, its working fine,... thanks.. and John, i am already running SPAN in the switch.. the configuration i have given is for SPAN configuration.. thank you ..
answered 17 Mar '13, 22:06