Configure Wireshark on 3850 to capture bi-directional Wireless Client Traffic
I'm trying to configure Wireshark to capture bi-directional client traffic of a single wireless client only. The IP address is 10.10.10.14 on VLAN 1. Since I can't apply filters to the CAPWAP interface, I chose VLAN 1, with the following base commands.
If I configure "monitor capture MCAP match ipv4 any any" I get too much information. If I use "monitor capture MCAP match ipv4 host 10.10.10.14 any" I get packets transmitted by 10.10.10.14, but not the responses.
Is there a way to accomplish this, or do I need to use Wireshark to filter unwanted packets? If this were a busy AP, this could result in a very large capture file. Thanks for the help.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...