SonicOS 7.0 Access Points
- SonicOS7.0
- About Access Points
- Settings
- Synchronize Access Points
- Provisioning Overview
- Creating/Modifying Provisioning Profiles
- Adding/Editing a Provisioning Profile - Getting Started
- General Settings for Provisioning Profiles
- 5GHz/2.4GHz Radio Basic Settings for Provisioning Profiles
- 5GHz/2.4GHz Radio Advanced Settings for Provisioning Profiles
- Sensor Settings for WIDP in Provisioning Profiles
- Mesh Network Settings for Provisioning Profiles
- 3G/4G/LTE WWAN Settings for Provisioning Profiles
- Bluetooth LE Settings for Provisioning Profiles
- Deleting Access Point Profiles
- Product Specific Configuration Notes
- Managing Access Point Objects
- Firmware Management
- Floor Plan View
- Station Status
- Intrusion Detection Services
- Advanced IDP
- Packet Capture
- Virtual Access Points
- RF Monitoring
- RF Analysis
- RF Spectrum
- FairNet
- Wi-Fi Multimedia
- 3G/4G/LTE WWAN
- Bluetooth LE Devices
- Radio Management
- SonicWall Support
Packet Capture
The DEVICE | Access Points > Packet Capture feature provides an in-depth type of wireless troubleshooting that you can use to gather wireless data from a client site or network and output the data into a readable Packet Capture (PCAP) file. This feature is supported for most SonicWave access points. SonicWave radios can also be configured to capture 802.11 frames into a PCAP file for download.
Because the antenna of the scan radio is 1x1, some data frames cannot be captured by the scan radio because of hardware restrictions.
The Packet Capture page shows the status of the SonicWave, the number of packets captured, and the size of the packet buffer. At the right, hover on the SonicWave to configure the capture settings for each SonicWave.
To capture the data for one of configured SonicWave radios, click Download for that row on the Packet Capture page. The capture file is named with the format, “wirelessCapture_[SW name].cap,” where SW name is the SonicWave name. Wireshark™ can be used to read the file.
Using the Edit feature, you can configure the Mode, Radio Band and Standard Channel Capture Radio Settings in the Edit SonicWave Capture Settings dialog, allowing you to capture wireless packets in a specific channel. You can configure up to five source and destination MAC addresses. Click Edit icon for the SonicWave you want to configure.
SonicWave Capture Radio Settings
-
From the Mode drop-down menu, select the capture radio channel for the appropriate SonicWave.
-
Select an appropriate radio frequency band from the Radio Band drop-down menu.
-
Indicate the standard allowable frequency channel associated with the selected radio band from the Standard Channel drop-down menu.
SonicWave 802.11 Packet Capture Settings
-
Click Enable Packet Capture to begin capturing wireless packets for this specific SonicWave.
-
To continue capturing packets after the buffer fills up, select Wrap Capture Buffer Once Full. Selecting this option causes packet capture to start writing captured packets at the beginning of the buffer again after the buffer fills.
SonicWave Packet Capture Filter Settings
-
For Source AC Address(es), enter the MAC address(es) of your wireless adapter(s). Enter a dash between each pair of characters. You can enter up to five addresses.
For example: 00-12-34-56-78-AB
-
For Destination MAC Address(es), enter the destination MAC address(es) of your wireless adapter(s). Enter a dash between each pair of characters. You can enter up to five addresses.
-
Enter the BSSID. A BSSID (Basic Service Set IDentifier) is the wireless equivalent of a MAC (Media Access Control) address, or a unique hardware address of an access point or VAP for the purposes of identification. The client on the SonicWall ESSID moves away from AP1 and toward AP2, the strength of the signal from the former decreases while the latter increases. The client’s wireless card and driver constantly monitors these levels, differentiating between the (V)APs by their BSSID. When the card/driver’s criteria for roaming are met, the client detaches from the BSSID of AP1 and attaches to the BSSID or AP2, all the while remaining connected the SonicWall ESSID.
-
Enter the ESSID. An ESSID (Extended Service Set IDentifier) is a collection of access points (or Virtual Access Points) sharing the same SSID. A typical wireless network comprises more than one access point for the purpose of covering geographic areas larger than can be serviced by a single access point. As clients move through the wireless network, the strength of their wireless connection decreases as they move away from one access point (AP1) and increases as they move toward another (AP2). Providing AP1 and AP2 are on the same ESSID (for example, SonicWall) and that the (V)APs share the same SSID and security configurations, the client can roam from one to the other. This roaming process is controlled by the wireless client hardware and driver, so roaming behavior can differ from one client to the next, but it is generally dependent upon the signal strength of each access point within an ESSID.
-
Select Enable Bidirectional Address Matching to match IP addresses specified in the MAC source and/or destination fields against both the source and/or destination fields in each packet.
-
Your SonicWave broadcasts a beacon (announcements of availability of a wireless network) for every SSID configured. By default, the SSID is included within the beacon so that wireless clients can see the wireless networks. The option to suppress the SSID within the beacon is provided on a per-SSID (for example, per-VAP or per-AP) basis to help conceal the presence of a wireless network, while still allowing clients to connect by manually specifying the SSID. You can disable this feature by clicking Exclude Beacon.
-
Exclude Probe Request suppresses broadcasting of the SSID name and disables responses to probe requests. Click this option if you do not wish for your SSID to be seen by unauthorized wireless clients.
-
When a wireless client sends out a probe request, the attacker sends back a response with a Null SSID. This response causes many popular wireless cards and devices to stop responding. You can disable this by clicking Exclude Probe Response.
-
Click Exclude Control to remove general control of the wireless client.
-
Your SonicWave tracks individual data packets that traverse all your SonicWall firewall appliances. Packets can be either monitored or mirrored. The monitored packets contain both data and addressing information. You can disable this tracking by enabling Exclude Data.
Was This Article Helpful?
Help us to improve our support portal