This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

ISO Wireshark Tutor / Network Guru

0

My business is focused on the integration of Audio, Video & automation systems in the residential and commercial markets. As technology has developed over the last 10 years, we have our greatest success when we "own" our client's network as well as all the low voltage systems. We've had great luck designing, installing and servicing networks for our clients, but will occasionally run into problems that are difficult to troubleshoot. I think understanding WLAN packet analysis will be the key to diagnosing & resolving the majority of these issues. That being said, I'm looking for assistance with the following:

  1. A recommendation for a spectrum analyzer (2.4G & 5G) I believe that a handful of our client sites have a large amount of RF chatter that could be causing problems. I've looked at some of the Metageek products and I'm inclined to go that route.
  2. A recommendation on a hardware solution for WLAN packet caputer. Is Airpcap the way to go?
  3. An experienced & patient individual who can teach me the nuts and bolts on packet analysis and troubleshooting at that level. I can only absorb so much from Youtube videos and online tutorials and would be happy to pay for the expertise of a network guru.

Thanks!

asked 06 Sep '16, 05:39

arib1's gravatar image

arib1
6112
accept rate: 0%


One Answer:

0

A recommendation for a spectrum analyzer (2.4G & 5G) I believe that a handful of our client sites have a large amount of RF chatter that could be causing problems. I've looked at some of the Metageek products and I'm inclined to go that route.

Our North American field team uses Airmagnet and my European colleagues like Ekahau for site survey and interference measurements. These are professional tools and cost a lot of money. I have one of the MetaGeek devices and it is fine for quick-check work but for anything series, you might need something better.

A recommendation on a hardware solution for WLAN packet caputer. Is Airpcap the way to go?

I specifically would not recommend AirPcap. They are not capable enough and they are not keeping up with technology. For real work, you will want OmniPeek with the WiFi adapters - they have bundles for both 802.11n (3ss) and 802.11ac(2ss) capture. This will meet demands of most devices today but even this is ageing - newest laptops are 3 spatial streams for 802.11ac. Alternatively, if you have Linux skills, that can be a solution to a point. 802.11n with 3ss is doable, but 802.11ac is tough. It's possible, but I need a PCIe or M.2 card to do it, and having a mobile solution with a bunch of M.2 cards is not that easy to put together. Plus these devices all crash often in Linux. The Windows ones do too, but not as often. Its to the point that if I REALLY need the wireless capture, I will use a minimum of two, sometimes three, separate systems for capture redundancy.

To go all the way with full capability, use one of the Cisco lightweight APs that is 3 or 4ss and put it into sniffer mode and send the frames over to a PC with either Wireshark or OmniPeek. This will get you current technology at quite a price tag. Aruba has some instant APs that I recall will do sniffer as well, so that could avoid having to get a controller. Either way, it's not cheap or really portable without a healthy UPS.

Don't forget a MacBook - out of the box can do monitor mode. If you only need one channel (i.e. no roaming issues) then don't discount this as an all-in-one tool. Install Wireshark and away you go.

An experienced & patient individual who can teach me the nuts and bolts on packet analysis and troubleshooting at that level. I can only absorb so much from Youtube videos and online tutorials and would be happy to pay for the expertise of a network guru.

Your best bet is to find someone local. Not saying it can't be done over collaborations tools, but nothing like being able to throw the capture tool at someone! This site, too, is amazing. I look at wireless packet captures every day in my day job but the people on this site blow me away with what they know about networks and protocols. The expertise on here is impressive - and usually free.

answered 06 Sep '16, 14:12

Bob%20Jones's gravatar image

Bob Jones
1.0k2515
accept rate: 21%

edited 06 Sep '16, 14:15

Thanks for the feedback and recommendations. Yes, I'd love to find someone local (Atlanta) to help us, but not sure on the best resource. I figured this would be a good starting point

(07 Sep '16, 08:03) arib1