dargnet-networks

Hello, in this entry I initially though about explaining and comparing 802.11i roaming versus 802.1X with FT roaming, but then I though it may be more interesting to follow the process as seen from the Cisco 9800 WLC and DNAC, that is where I configured the packet captures, so I´ve been re-arranging the post several times. Also, we can check when the cisco 9800 WLC will show the roam type as 802.11i Slow, 802.11i Fast or 802.11r.  Capturing Packets with Cisco DNA Center (Catalyst Center) This are the steps followed to get the captures on this post: 1.- From any tab on DNA Center, click the search button and type the MAC address you want to capture 2, 3.- Click on it and go to Client 360 4.- Once in Client 360, click on "Intelligent Capture" 5.- In the Intelligent Capture page for the selected device, click on "Run Packet Capture"  6.- A new tab will open, and there you can choose to do a Full Packet Capture or an Onboarding Packet Capture, program the capture or run...

  Some time ago, in the 38th session of "Tesos" with Ferney Muñoz I shared some tips on how to perform multi channel OTA captures with a Kali Linux VM. Before I just used a Live Kali Linux USB, and from there I was able to set any wireless NIC in monitor mode, but with the security restrictions of Windows, I had to use this method some time after. Although some processes have changed a bit since then, I hope it can help :)

 Some time ago, in the 21st session of "Tesos" with Ferney Muñoz I shared some tips on how to analyze 802.11 captures, creating buttons, filters, colums etc (in spanish) Although some processes have changed a bit since then, I hope it can help :)

THE ISSUE Yes, 5Ghz, 6Ghz, even MLO in the coming Wi-Fi 7 using those bands and 2.4Ghz, but, there are still 2.4Ghz only  capable clients... During a routine check, I observed that a client was associated on channel 5 on 2.4Ghz. The AP was managed through one of the 9800 WLCs deployed for the management of small or medium-sized offices with APs in Flexconnect. Of course, I checked the site´s RF Profile, and surprisingly, it had the following channel plan: After reviewing the 2.4Ghz RF Profiles of each of the locations managed by that 9800, I could see that absolutely all of the locations had that channel plan, even in the predefined profiles!! After eliminating channels 5, 9 and 13 from all the created profiles and the predefined ones -yes, they can be modified even if the UI shows the following error- I tried to find the cause of this incident. Initially, after seeing that this issue also occurred in a WLC in version 17.3.5 (the others were in version 17.9.4c or 17.9.5), I thought...

Hoy comparto una guía muy sencilla de como realizar capturas de paquetes en un switch o WLC Cisco de las series 9000. Realmente se trata del mismo proceso que en equipos algo más antiguos, pero con el nuevo UI de Cisco se simplifica mucho. Preparar una captura básica: Si queremos capturar todo el tráfico en uno o varios interfaces sin un filtrado complejo, directamente haremos: Ir a Troubleshoot → Packet Capture Definimos un nombre para la captura De la lista desplegable, seleccionamos no filtrar (any) o un filtro muy básico basado en IPv4 o IPv6 Definiremos un tamaño de buffer Y seleccionaremos las interfaces en las que queremos hacer capturas Preparar una captura definiendo origenes, destinos y puertos específicos: Accediendo mediante SSH al switch, definiremos una ACL con los parámetros necesarios (en el ejemplo, solo se han definido IP de origen y destino) Definimos un nombre para la captura De la lista desplegable, seleccionamos ACL, y nos aparecerá un desplegable con las ACL disp...

  Hola, en el blog de hoy, tan solo una pequeña tontería que espero pueda servir de ayuda. Hace unos días, el compañero Luis Giménez del grupo de Tesos de Ferney Muñoz comentó las virtudes de una APP llamada ANALITI Tiene características muy interesantes, y entre ellas que puedes crear un flujo en "tiempo real" de capturas de paquetes a wireshark o cloudshark, la cual, además puede ser utilizada en programas como WiFiExplorer de Adrián Granados , o, si siguiera activo, en mi añorado WinFi . En cualquier caso, aquí tan solo nos centramos en la recepción remota de paquetes desde el dispositivo que tiene instalado Analiti, que en mi caso, es mi movil. Para ello, solo tienes que ir a la pantalla "Redes" y al seleccionar el simbolo de la aleta de tiburón nos lleva a ajustes y seleccionamos "Enable Real Time PCAPng Streaming" y ahí mismo nos indicará que debemos crear un pipe con el siguiente formato:  TCP@[IP del dispositivo donde tengas Analiti]:19000  Post...