Manualshelf

User`s manual

ManualsBrandsD-Link ManualsComputer equipmentDWL-8220AP - AirPremier Wireless Switch Dualband Access Point
401402403404405406407408409410
398
DWS-1008 User’s Manual
D-Link Systems, Inc.
Appendix A - Troubleshooting
DWS-1008# show snoop stats snoop1
Filter Dap Radio Rx Match Tx Match Dropped Stop-After
=============================================================
snoop1 3 1 96 4 0 stopped
Preparing an Observer and Capturing Trafc
To observe monitored trafc, install the following applications on the observer:
Ethereal or Tethereal Version 0.10.8 or later
Netcat (any version), if not already installed
Ethereal and Tethereal decode 802.11 packets embedded in TZSP without any
conguration.
Use Netcat to listen to UDP packets on the TZSP port. This avoids a constant ow of ICMP
destination unreachable messages from the observer back to the radio. You can obtain
Netcat through the following link:
http://www.securityfocus.com/tools/139/scoreit
If the observer is a PC, you can use a Tcl script instead of Netcat if preferred.
1. Install the required software on the observer.
2. Congure and map snoop lters in MSS.
3. Start Netcat:
On Linux or Unix, use a command such as the following:
nc -l -u -p 37008 ip-addr > /dev/null &
On Windows, use the following command:
netcat -u -p 37008 -v -v
Where ip-addr is the IP address of the Distributed AP to which the snoop lter is
mapped. (To display the Distributed AP’s IP address, use the show dap status
command.)
4. Start the capture application:
• For Ethereal capture, use ethereal lter port 37008.
• For Tethereal capture, use tethereal -V port 37008.
5. Disable the option to decrypt 802.11 payloads. Because the AP always decrypts the
data before sending it to the observer, the observer does not need to perform any
decryption. In fact, if you leave decryption enabled on the observer, the payload
data becomes unreadable.