Remote capturing wireshark

  • 1
  • Question
  • Updated 11 months ago
We tried to set-up a remote SSH connection to connect Wireshark for remote packet capturing. The remote SSH is no problem, I can use any other tool as Putty to create an SSH session remotely, however when we use Wireshark and follow the remote interface procedure we receive the message 'No remote interfaces found'. We use the foreseen IP and port. Anyone else ever seen this behavior and what to do about it?
Thx!
Photo of Hans

Hans

  • 68 Posts
  • 8 Reply Likes

Posted 11 months ago

  • 1
Photo of Eugene

Eugene

  • 13 Posts
  • 2 Reply Likes
I have had a similar issue, where not AP were available for capture.  Talked with support and was told with the current cloud version there is a problem with how the database is being queried.  I was told the fix should be out in the next release.
Photo of Hans

Hans

  • 68 Posts
  • 8 Reply Likes
Thx for the answer Gene.
Photo of Chris B

Chris B, Official Rep

  • 93 Posts
  • 10 Reply Likes
Hi Hans / Gene

What HiveManager versions are you both using?  As it sounds like you might be referring to different platforms from what I have understood.

Thanks

Chris
Photo of Eugene

Eugene

  • 13 Posts
  • 2 Reply Likes
Cloud build version 11.24.1.1
Golden Version 6.5r7
Photo of Chris B

Chris B, Official Rep

  • 93 Posts
  • 10 Reply Likes
Thanks Gene

HMNG has integration with cloudshark, and I think I know the issue you are referring to which happens when there are a lot of devices being queried and the way the back end handles the lookup...This is indeed being fixed.

Hans, I believe you are using HM classic, which to enable remote capture you use standard wireshark.  Are you able to try to mannually enable remote sniffer via CLI?

exec capture remote-sniffer

If you still get an error, can you upload a screenshot of the wireshark interface page?  Also is the machine running wireshark able to communicate with the AP on the AP mgt VLAN?

Chris
Photo of Hans

Hans

  • 68 Posts
  • 8 Reply Likes
Chris
I'm testing this on a Hivemanager NG, using a remote SSH session due Putty works fine. I'm already tested cloudshark and it works fine but the 50€ monthly fee is not profitable yet.