I have a peekremote style capture functioning (data from 3 Access points in sniffer mode being sent to my wireshark install on udp5555). Decode As->Peekremote works to open up the udp 5555 encapsulation and get me the 802.11 headers. I can see EPOL Key exhcanges, but cannot decrypt the 802.11 data after entering the proper wpa-pwd:Passphrase:SSID cobination. (that combination works if I do a raw sniff but I'm using the APs to gather remote data on all 3 channels). Am I missing a step or is there some complexity in these multiple layers of encapsulation that causing me to fail to decrypt the 802.11 data? Thanks! asked 13 Jun '13, 11:18  whistj |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
