- Cisco Employee,
In order to understand how and why 802.11 (WiFi) devices behave as they do, it is invaluable to perform a wireless packet capture ("sniffer".) This can be especially important when working with Cisco TAC to resolve a technical problem. The following articles will help you to choose and use a wireless sniffer.
- Fundamentals of Wireless Sniffing - some important guidelines
- Wireless Sniffing using a Mac with OS X 10.6 and above
- Wireless Sniffing with Windows 7 with Netmon 3.4
- Collecting a wireless sniffer trace using the Cisco Lightweight AP in Sniffer mode
- OmniPeek Remote Assistant
Additionally, there are several commercially available wireless sniffer products:
- OmniPeek from WildPackets
- AirMagnet WiFi Analyzer from Fluke
- CommView for WiFi from TamoSoft
- AirPcap from Riverbed (formerly CACE)
When providing Cisco TAC with wireless packet captures, please supply them in a format that is readable by current Wireshark, and that includes 802.11 meta data (RSSI, channel, data rate) - such as OmniPeek (Airopeek) or Netmon 2.0 format.