New to WireShark. At times on our LAN at work the Internet slows to a crawl, goes intermittent, or out completely. I would like for WireShark to be able to just capture my LAN to see what node is hogging the bandwidth. If I can rule out my LAN, then I can call my ISP to see if the trouble is on their end. My work domain / LAN is part of a much larger forest. We are all connected via MPLS lines. I need WireShark to just capture my LAN and not the entire corporation. We are in 35 countries. I don't see an area within the WireShark config where I can tell it to just capture from my Router and or Switch. I ran WireShark as is and it just kept going and going and was displaying some IP's that are not on my network. That led me to believe it is capturing everything from my location, and our sister locations. asked 11 Mar '15, 12:44  Everest63 edited 11 Mar '15, 12:45 |
One Answer:
Wireshark will only capture the traffic that "hits" your network adapter, which is
So, unless you are talking to systems in other locations, you won't see those IP addresses in your capture file. Please read the Wiki for more information about packet capturing To answer your question:
You'll have to capture the traffic in front of your internet router (LAN side - see Switch mirror port in the wiki link above) and capture traffic there. Regards answered 12 Mar '15, 01:18  Kurt Knochner ♦ edited 12 Mar '15, 02:19 |
Hi
I've same problem and also i am new on wireshark. I've followed your advice but i'm not able to view the bandwidth usage from others ip on my lan. With the captured packets i can't be shure how is used my lan at work's time.
Can you helpme?