Only SYN packets(outgoing) captures

Question

Hi all, i am using Wireshark 1.8, and the problem is that, i am unable to capture the packets other than SYN. that is i am sure the connectivity is working fine, i can use HTTp web pages also, but while capturing i am only getting the SYN packet. nothing else. i am using 2950 cisco switch. Then i tried to run Wireshark for the interface in my PC, without using monitoring configurations in the switch, then i am able to see all the packets. I am using windows XP, and CA Total defence antivirus is working in the machine. I tried after disabling the anti virus, but still its like the old. Pls help with valuable suggestions..

SW-1#sh moni
Session 1
---------
Type              : Local Session
Source Ports      :
    Both          : Fa0/24
Destination Ports : Fa0/3
    Encapsulation : Native
          Ingress: Disabled

Answer 1

If I understand your question right, this may help.

Sounds like you need to SPAN the switch port. When you set up the SPAN in the Cisco switch you have to also allow your own computers traffic to traverse the monitor port in the switch by setting the allow traffic option.

Hope this is helpful, John

Answer 2

Hi..

i have figured out the issue :) it is because of the anti virus ... i am running CA HIPS in my PC.. after trying with another machine, its working fine,... thanks.. and John, i am already running SPAN in the switch.. the configuration i have given is for SPAN configuration.. thank you ..