cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1443
Views
0
Helpful
4
Replies

Wireshark Traces

kamrannaseem1
Level 1
Level 1

Hello,

 

I would like to know at which end the issue lies, In the  attached wireshark traces, the ip address 10.92.55.255 sends SYN to 92.60.106.204 and the ip 92.60.106.204 replies with SYN ACK but then we don't see any ACK from 10.92.55.255.

 

Can we say the issue is at 10.92.55.255 end as its not replying back to the SYN ACk ? or is there anyway to check if 10.92.55.255 has received the SYN ACK from 92.60.106.204 so that it can respond 92.60.106.204 with an ACK ?

 Wireshark Traces.JPG

 

 

Any help will be much appreciated.

 

Thanks,

4 Replies 4

Hi, yes the issue seems related to server with IP 10.92.55.255.

The ACK is missing.

Can you install wireshark directly on the server?

If it's a linux, can you execute a tcpdump to check if the server receive the SYN ACK?

 

Regards.

Thanks Daniele for the reply.

 

The 10.92.55.255 device is a 3G device and the customer can't run any debugs on it.

 

Is there any other way we can check to see if the SYN ACK is being received by this device ?

 

 


Thanks.

Is this device connected to a ethernet switch?

If yes, you can configure a span port (port mirror) to this switch in order to capture the traffic destinated and originated to the 3G device.

 

Regards.

3G is a wireless radio connection type. So it would not be connected to a wired switch.

 

The best the OP would be able to do is monitor from the point at which it leaves the network and goes to the wireless gateway. You may be able to see the SYN ACK outbound there; but the only way to see if for sure on the endpoint is to have an on-device tool that captures endpoint traffic.

Review Cisco Networking for a $25 gift card