How to Capture Simultaneous Wireshark Traces from Client and Server for Network Troubleshooting
by info.odysseyx@gmail.com, September 14, 2024

Introduction:

I have seen clients troubleshoot issues with their IIS hosted applications on their networks. Often in network troubleshooting, you need to capture packets from both the client and the server to fully understand what is happening during the communication. Wireshark, an essential tool for network analysis, can help with this, but capturing from both sides simultaneously requires careful planning. This approach provides a complete view of the communication and helps identify the problem more effectively.

In this blog, we will walk through the process of capturing Wireshark traces simultaneously on both the client and the server side, providing a clearer picture of network flows and potential issues.

Should we start with Wireshark?

Wireshark is a free, open source network capture and network analysis tool that is widely used worldwide. It is not installed by default on any operating system, so customers must download and install it on their devices. Here is what you need:

- The tool from the official website (Wireshark · Download)
- Administrator access to both the client and the server

Now we will capture the traces.

Launch Wireshark. On your Windows computer, open the Start menu and type: Wireshark. Right-click Wireshark in the search results and select Run as administrator.

Wireshark captures traffic from all network adapters and network interface cards, but you can isolate one to capture using the capture menu that appears when Wireshark opens. A line next to the interface name indicates whether traffic is currently flowing through the interface, which can help you choose if necessary.

From the toolbar menu, select Capture -> Start. Alternatively, you can select the blue shark fin button to start a network capture.

Do this on both the client and the server now.
Reproduce the problem. While the capture is running, packet details scroll by if you want to inspect them.

After reproducing the problem, from the toolbar menu, select Capture -> Stop. Alternatively, you can stop the capture by clicking the red square button.

From the toolbar menu, select File -> Save as. In the Save As dialog box, you can save the trace in the default Wireshark trace format, *.pcapng, or use the Save as type drop-down menu to change it to Microsoft Netmon 2.x, then save the trace as *.cap so that you can open it using Netmon.

Now you have a troubleshooting log ready for comprehensive review.
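Once both traces are saved, they can be compared by TCP sequence number rather than by timestamp, so the client and server clocks do not need to agree. The sketch below is an added example, not part of the original post: it reports payload bytes that appear in the sender's trace but never in the receiver's. It assumes each trace was exported with `tshark -r <file> -Y "ip and tcp" -T fields -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport -e tcp.seq_raw -e tcp.len`, that there is no NAT between the hosts, and that sequence numbers do not wrap; the function names and sample rows are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample rows (not real traffic): src dst sport dport seq_raw len
CLIENT_ROWS = """
10.0.0.5 10.0.0.10 50000 80 1000 2920
10.0.0.5 10.0.0.10 50000 80 3920 1460
10.0.0.10 10.0.0.5 80 50000 7000 500
"""
SERVER_ROWS = """
10.0.0.5 10.0.0.10 50000 80 1000 1460
10.0.0.5 10.0.0.10 50000 80 2460 1460
10.0.0.10 10.0.0.5 80 50000 7000 500
"""

def payload_ranges(rows, sender_ip):
    """Map each flow sent by sender_ip to its merged [start, end) sequence ranges."""
    flows = defaultdict(list)
    for line in rows.strip().splitlines():
        src, dst, sport, dport, seq, length = line.split()
        if src == sender_ip and int(length) > 0:
            flows[(src, int(sport), dst, int(dport))].append((int(seq), int(seq) + int(length)))
    merged = {}
    for flow, ranges in flows.items():
        out = []
        for start, end in sorted(ranges):
            if out and start <= out[-1][1]:      # overlaps or touches the previous range
                out[-1][1] = max(out[-1][1], end)
            else:
                out.append([start, end])
        merged[flow] = out
    return merged

def lost_in_transit(sender_rows, receiver_rows, sender_ip):
    """Byte ranges the sender's trace shows leaving that the receiver's trace never shows."""
    seen = payload_ranges(receiver_rows, sender_ip)
    lost = {}
    for flow, ranges in payload_ranges(sender_rows, sender_ip).items():
        gaps = []
        for start, end in ranges:
            cur = start                           # first byte not yet accounted for
            for s, e in seen.get(flow, []):
                if e > cur and s < end:           # receiver range overlaps what remains
                    if s > cur:
                        gaps.append((cur, s))
                    cur = max(cur, e)
            if cur < end:
                gaps.append((cur, end))
        if gaps:
            lost[flow] = gaps
    return lost
```

Ranges are merged before comparison, so a large segment recorded on the sender before NIC segmentation offload still matches the smaller segments recorded on the receiver.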