Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: [Wireshark-users] Unsubscribe

From: Michael Ferrara <mferrara1@xxxxxxxxx>
Date: Sun, 6 Aug 2017 14:44:52 -0700

On Aug 4, 2017 7:25 AM, "Jacobo Pantoja" <jacobopantoja@xxxxxxxxx> wrote:
Hi,

I'm trying to capture network traffic between a wireless bridge made with two OpenWRT devices, which means they use 4 address atheros stuff for wireless bridge. For testing, beside the "client" AP, a non-wds client joined to the "master" AP.

The AP is using WPA2-PSK, and I can sucessfully see decrypted traffic for non-wds clients, i.e. frames with both wlan.fc.ds set to 01 and to 10. But traffic from the "client" AP to the "master" AP (i.e. frames with wlan.fc.ds == 11) are not decrypted.

I guess that the PSK should be the same for the non-wds clients than for the wds client, but perhaps I'm wrong. All the EAPOL messages are properly captured. Also, I don't know if the 4address Linux stuff is adding something non-standard that WireShark cannot deal with at this moment.

Any ideas?
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe