This poorly documented feature enables remotely sniffing the airspece usine an lightweight AP in Sniffer mode.
- Select your favourite AP and begin sniffing by first electing his
AP mode as sniffer - Wait for the AP to reboot and check the
admin status is enabled
- For each of the AP radio in
Radios > 802.11a/n/ac and Radios > 802.11b/g/n select: - sniff > on
- channel > central channel to sniff on
- Server > ip address of a machine running wireshark
- On the machine running wireshark expect udp packets from WLC management IP port 5555 to your wireshark machine ip port 5000
- Start capturing with wireshark (filter:
port 5000 ) then right click on one packet from the capture windows and select decode as PeekRemote dissector
More info : https://supportforums.cisco.com/docs/DOC-19214 |