How to approach troubleshooting wireless connections?

Discussion in 'Wireless Networking' started by Philip Herlihy, May 24, 2009.

  1. I look after IT issues, including networking, for a couple of small
    offices. I sometimes get a situation where, despite apparently good
    signal strength, a machine won't connect.

    One machine won't connect (most of the time!) despite my trying three
    different makes of PCI wireless cards plus one USB adapter, and two
    different access points. Now there's a cable draped across the
    office... Connectivity on other machines is poor while others nearby
    seem fine.

    I've experimented over months with adjustments to various settings,
    including setting static IP addresses. One machine burst into life when
    I switched from the Intel wireless client to the Windows one, but I
    couldn't duplicate this on another machine.

    My mobile runs Windows Mobile, and this allows me to run the excellent
    "sniffi", which can graph the signals on various channels, and although
    Netstumbler can find dozens of different distinct services I've set ours
    to the channels least-used locally.

    I've recently tried experimenting with TCP parameters like MTU and RWIN,
    using DrTCP.exe. However, I'm working in the dark, and I'd like to be
    able to monitor the effect of what I'm doing. I've now started using
    Wireshark to monitor at the packet level, but I don't know what I'm
    looking for. Does anyone have some experience of this sort of thing
    they could share?

    Phil, London
     
    Philip Herlihy, May 24, 2009
    #1
    1. Advertising

  2. Hi
    To get solid Wireless in a business you might need a network of few Access
    Points, or a WDS arrangement.
    Jack (MS, MVP-Networking)

    "Philip Herlihy" <> wrote in message
    news:...
    >I look after IT issues, including networking, for a couple of small
    >offices. I sometimes get a situation where, despite apparently good signal
    >strength, a machine won't connect.
    >
    > One machine won't connect (most of the time!) despite my trying three
    > different makes of PCI wireless cards plus one USB adapter, and two
    > different access points. Now there's a cable draped across the office...
    > Connectivity on other machines is poor while others nearby seem fine.
    >
    > I've experimented over months with adjustments to various settings,
    > including setting static IP addresses. One machine burst into life when I
    > switched from the Intel wireless client to the Windows one, but I couldn't
    > duplicate this on another machine.
    >
    > My mobile runs Windows Mobile, and this allows me to run the excellent
    > "sniffi", which can graph the signals on various channels, and although
    > Netstumbler can find dozens of different distinct services I've set ours
    > to the channels least-used locally.
    >
    > I've recently tried experimenting with TCP parameters like MTU and RWIN,
    > using DrTCP.exe. However, I'm working in the dark, and I'd like to be
    > able to monitor the effect of what I'm doing. I've now started using
    > Wireshark to monitor at the packet level, but I don't know what I'm
    > looking for. Does anyone have some experience of this sort of thing they
    > could share?
    >
    > Phil, London
     
    Jack [MVP-Networking], May 25, 2009
    #2
    1. Advertising

  3. Jack [MVP-Networking] wrote:
    > Hi
    > To get solid Wireless in a business you might need a network of few
    > Access Points, or a WDS arrangement.
    > Jack (MS, MVP-Networking)
    >
    > "Philip Herlihy" <> wrote in message
    > news:...
    >> I look after IT issues, including networking, for a couple of small
    >> offices. I sometimes get a situation where, despite apparently good
    >> signal strength, a machine won't connect.
    >>
    >> One machine won't connect (most of the time!) despite my trying three
    >> different makes of PCI wireless cards plus one USB adapter, and two
    >> different access points. Now there's a cable draped across the
    >> office... Connectivity on other machines is poor while others nearby
    >> seem fine.
    >>
    >> I've experimented over months with adjustments to various settings,
    >> including setting static IP addresses. One machine burst into life
    >> when I switched from the Intel wireless client to the Windows one, but
    >> I couldn't duplicate this on another machine.
    >>
    >> My mobile runs Windows Mobile, and this allows me to run the excellent
    >> "sniffi", which can graph the signals on various channels, and
    >> although Netstumbler can find dozens of different distinct services
    >> I've set ours to the channels least-used locally.
    >>
    >> I've recently tried experimenting with TCP parameters like MTU and
    >> RWIN, using DrTCP.exe. However, I'm working in the dark, and I'd like
    >> to be able to monitor the effect of what I'm doing. I've now started
    >> using Wireshark to monitor at the packet level, but I don't know what
    >> I'm looking for. Does anyone have some experience of this sort of
    >> thing they could share?
    >>
    >> Phil, London

    >


    Thanks, Jack. We do have two access points, and both are accessible
    from all machines, although some can only just "see" the furthest one.
    All machines have at least one of them delivering good signal strength,
    usually excellent. Still we get these odd connection problems. I've
    tried many things over the last few months, and would like to be able to
    measure or monitor what's happening - hence the experiments with
    Wireshark. Are there any particular situations I should look out for?

    Phil
     
    Philip Herlihy, May 25, 2009
    #3
  4. Philip Herlihy

    Pavel A. Guest

    Philip Herlihy wrote:
    > I look after IT issues, including networking, for a couple of small
    > offices. I sometimes get a situation where, despite apparently good
    > signal strength, a machine won't connect.
    >
    > One machine won't connect (most of the time!) despite my trying three
    > different makes of PCI wireless cards plus one USB adapter, and two
    > different access points. Now there's a cable draped across the
    > office... Connectivity on other machines is poor while others nearby
    > seem fine.
    >
    > I've experimented over months with adjustments to various settings,
    > including setting static IP addresses. One machine burst into life when
    > I switched from the Intel wireless client to the Windows one, but I
    > couldn't duplicate this on another machine.
    >
    > My mobile runs Windows Mobile, and this allows me to run the excellent
    > "sniffi", which can graph the signals on various channels, and although
    > Netstumbler can find dozens of different distinct services I've set ours
    > to the channels least-used locally.
    >
    > I've recently tried experimenting with TCP parameters like MTU and RWIN,
    > using DrTCP.exe. However, I'm working in the dark, and I'd like to be
    > able to monitor the effect of what I'm doing. I've now started using
    > Wireshark to monitor at the packet level, but I don't know what I'm
    > looking for. Does anyone have some experience of this sort of thing
    > they could share?
    >
    > Phil, London



    Then, perhaps you are looking for a consultant.
    There is lot of free information, tools and guidance in Internet, but
    Internet won't give us extra lifetime to learn all that :(

    Regards,
    -- pa
    ( I am not a consultant )
     
    Pavel A., May 25, 2009
    #4
  5. Hi
    Set the Access Points to two different channels.
    Try temp. to put the "Lame" computers within few feet from on of the Access
    Point to figure out if it is Wireless problem, or computer setting.
    When you use WZC cleanup the preferred list and leave in only the Access
    Point that is best for the specific computer.
    http://www.ezlan.net/wireless/wzc3.jpg
    Note: I can keep going with more pointers like this (aka Trial & Error), but
    as Pavel said in his post "live it too short" ;).
    Jack (MS, MVP-Networking)

    "Philip Herlihy" <> wrote in message
    news:...
    > Jack [MVP-Networking] wrote:
    >> Hi
    >> To get solid Wireless in a business you might need a network of few
    >> Access Points, or a WDS arrangement.
    >> Jack (MS, MVP-Networking)
    >>
    >> "Philip Herlihy" <> wrote in message
    >> news:...
    >>> I look after IT issues, including networking, for a couple of small
    >>> offices. I sometimes get a situation where, despite apparently good
    >>> signal strength, a machine won't connect.
    >>>
    >>> One machine won't connect (most of the time!) despite my trying three
    >>> different makes of PCI wireless cards plus one USB adapter, and two
    >>> different access points. Now there's a cable draped across the
    >>> office... Connectivity on other machines is poor while others nearby
    >>> seem fine.
    >>>
    >>> I've experimented over months with adjustments to various settings,
    >>> including setting static IP addresses. One machine burst into life when
    >>> I switched from the Intel wireless client to the Windows one, but I
    >>> couldn't duplicate this on another machine.
    >>>
    >>> My mobile runs Windows Mobile, and this allows me to run the excellent
    >>> "sniffi", which can graph the signals on various channels, and although
    >>> Netstumbler can find dozens of different distinct services I've set ours
    >>> to the channels least-used locally.
    >>>
    >>> I've recently tried experimenting with TCP parameters like MTU and RWIN,
    >>> using DrTCP.exe. However, I'm working in the dark, and I'd like to be
    >>> able to monitor the effect of what I'm doing. I've now started using
    >>> Wireshark to monitor at the packet level, but I don't know what I'm
    >>> looking for. Does anyone have some experience of this sort of thing
    >>> they could share?
    >>>
    >>> Phil, London

    >>

    >
    > Thanks, Jack. We do have two access points, and both are accessible from
    > all machines, although some can only just "see" the furthest one. All
    > machines have at least one of them delivering good signal strength,
    > usually excellent. Still we get these odd connection problems. I've
    > tried many things over the last few months, and would like to be able to
    > measure or monitor what's happening - hence the experiments with
    > Wireshark. Are there any particular situations I should look out for?
    >
    > Phil
     
    Jack [MVP-Networking], May 25, 2009
    #5
  6. Jack [MVP-Networking] wrote:
    > Hi
    > Set the Access Points to two different channels.
    > Try temp. to put the "Lame" computers within few feet from on of the
    > Access Point to figure out if it is Wireless problem, or computer setting.
    > When you use WZC cleanup the preferred list and leave in only the Access
    > Point that is best for the specific computer.
    > http://www.ezlan.net/wireless/wzc3.jpg
    > Note: I can keep going with more pointers like this (aka Trial & Error),
    > but as Pavel said in his post "live it too short" ;).
    > Jack (MS, MVP-Networking)
    >
    > "Philip Herlihy" <> wrote in message
    > news:...
    >> Jack [MVP-Networking] wrote:
    >>> Hi
    >>> To get solid Wireless in a business you might need a network of few
    >>> Access Points, or a WDS arrangement.
    >>> Jack (MS, MVP-Networking)
    >>>
    >>> "Philip Herlihy" <> wrote in message
    >>> news:...
    >>>> I look after IT issues, including networking, for a couple of small
    >>>> offices. I sometimes get a situation where, despite apparently good
    >>>> signal strength, a machine won't connect.
    >>>>
    >>>> One machine won't connect (most of the time!) despite my trying
    >>>> three different makes of PCI wireless cards plus one USB adapter,
    >>>> and two different access points. Now there's a cable draped across
    >>>> the office... Connectivity on other machines is poor while others
    >>>> nearby seem fine.
    >>>>
    >>>> I've experimented over months with adjustments to various settings,
    >>>> including setting static IP addresses. One machine burst into life
    >>>> when I switched from the Intel wireless client to the Windows one,
    >>>> but I couldn't duplicate this on another machine.
    >>>>
    >>>> My mobile runs Windows Mobile, and this allows me to run the
    >>>> excellent "sniffi", which can graph the signals on various channels,
    >>>> and although Netstumbler can find dozens of different distinct
    >>>> services I've set ours to the channels least-used locally.
    >>>>
    >>>> I've recently tried experimenting with TCP parameters like MTU and
    >>>> RWIN, using DrTCP.exe. However, I'm working in the dark, and I'd
    >>>> like to be able to monitor the effect of what I'm doing. I've now
    >>>> started using Wireshark to monitor at the packet level, but I don't
    >>>> know what I'm looking for. Does anyone have some experience of this
    >>>> sort of thing they could share?
    >>>>
    >>>> Phil, London
    >>>

    >>
    >> Thanks, Jack. We do have two access points, and both are accessible
    >> from all machines, although some can only just "see" the furthest one.
    >> All machines have at least one of them delivering good signal
    >> strength, usually excellent. Still we get these odd connection
    >> problems. I've tried many things over the last few months, and would
    >> like to be able to measure or monitor what's happening - hence the
    >> experiments with Wireshark. Are there any particular situations I
    >> should look out for?
    >>
    >> Phil

    >



    Well, I found Pavel's comment surprising, as it boils down to a
    suggestion not to bother trying to understand how things work at a deep
    level but to surrender responsibility to someone else. Other groups in
    which I participate have a different outlook, and the most naive and
    untutored questions get patient, tailored answers (more like Jack's)
    intended to help the poster up the next rung, wherever on the ladder
    that might be.

    I am a "consultant", of sorts. Coming from a niche near-real-time
    programming background I'm now making a serious (and rather exhausting)
    attempt to be able to cover all the basics, from networking to graphic
    design, from database programming to hardware repair. Naturally, I
    don't know everything, but I've been in the industry for 28 years so
    far, so although I've no hope of keeping up with the outer envelope, I'm
    doing fairly well at keeping on top of what most customers need.

    In a wireless setup I've often seen a situation where the signal
    strength appears to be good or excellent, and yet the "Limited or no
    connectivity" message suggests DHPC is failing somehow. I've checked
    the issues Jack suggests above (thanks Jack) and still sometimes see
    problems.

    Where I am now is that I'm trying to dig deeper into the details for
    real evidence of problems. One correspondent (elsewhere) suggested that
    MTU might be an issue, so I've been experimenting with that, but the key
    to empiricism is analytic measurement, so I've been playing around with
    the Wireshark protocol analyser hoping to see patterns in the packet
    stream. I once successfully diagnosed a (wired) connectivity problem by
    setting very detailed firewall logging, and picked up the fact that ICMP
    3.4 packets were being blocked and so the sending station was unable to
    detect that it needed to reduce its packet size - that's the sort of
    thing I'm looking for in these odd wireless situations. Rather than try
    and judge at a macro level (eg. download times) I'm looking for
    something finer-grained, giving more certainty.

    Maybe this just isn't a useful approach, or maybe it's one that has been
    largely overlooked. But when you have one machine (happy with a cable)
    that can't make a wireless connection with any of three access points
    using any of four wireless adapters (one at a time) despite very
    thorough building, repairing and rebuilding of the windows network
    stacks, something's there to be found.

    Phil
     
    Philip Herlihy, May 25, 2009
    #6
  7. Hi
    I have my doubts about the MTU, unless it is totally Off it might affect the
    Bandwidth but not the logon.
    You can try this free util. it very good in helping adjusting MTU and RCwin.
    http://www.speedguide.net/downloads.php
    Next step with the computer is to try a spare wireless card.
    Jack (MS, MVP-Networking)

    "Philip Herlihy" <> wrote in message
    news:...
    > Jack [MVP-Networking] wrote:
    >> Hi
    >> Set the Access Points to two different channels.
    >> Try temp. to put the "Lame" computers within few feet from on of the
    >> Access Point to figure out if it is Wireless problem, or computer
    >> setting.
    >> When you use WZC cleanup the preferred list and leave in only the Access
    >> Point that is best for the specific computer.
    >> http://www.ezlan.net/wireless/wzc3.jpg
    >> Note: I can keep going with more pointers like this (aka Trial & Error),
    >> but as Pavel said in his post "live it too short" ;).
    >> Jack (MS, MVP-Networking)
    >>
    >> "Philip Herlihy" <> wrote in message
    >> news:...
    >>> Jack [MVP-Networking] wrote:
    >>>> Hi
    >>>> To get solid Wireless in a business you might need a network of few
    >>>> Access Points, or a WDS arrangement.
    >>>> Jack (MS, MVP-Networking)
    >>>>
    >>>> "Philip Herlihy" <> wrote in message
    >>>> news:...
    >>>>> I look after IT issues, including networking, for a couple of small
    >>>>> offices. I sometimes get a situation where, despite apparently good
    >>>>> signal strength, a machine won't connect.
    >>>>>
    >>>>> One machine won't connect (most of the time!) despite my trying three
    >>>>> different makes of PCI wireless cards plus one USB adapter, and two
    >>>>> different access points. Now there's a cable draped across the
    >>>>> office... Connectivity on other machines is poor while others nearby
    >>>>> seem fine.
    >>>>>
    >>>>> I've experimented over months with adjustments to various settings,
    >>>>> including setting static IP addresses. One machine burst into life
    >>>>> when I switched from the Intel wireless client to the Windows one, but
    >>>>> I couldn't duplicate this on another machine.
    >>>>>
    >>>>> My mobile runs Windows Mobile, and this allows me to run the excellent
    >>>>> "sniffi", which can graph the signals on various channels, and
    >>>>> although Netstumbler can find dozens of different distinct services
    >>>>> I've set ours to the channels least-used locally.
    >>>>>
    >>>>> I've recently tried experimenting with TCP parameters like MTU and
    >>>>> RWIN, using DrTCP.exe. However, I'm working in the dark, and I'd like
    >>>>> to be able to monitor the effect of what I'm doing. I've now started
    >>>>> using Wireshark to monitor at the packet level, but I don't know what
    >>>>> I'm looking for. Does anyone have some experience of this sort of
    >>>>> thing they could share?
    >>>>>
    >>>>> Phil, London
    >>>>
    >>>
    >>> Thanks, Jack. We do have two access points, and both are accessible
    >>> from all machines, although some can only just "see" the furthest one.
    >>> All machines have at least one of them delivering good signal strength,
    >>> usually excellent. Still we get these odd connection problems. I've
    >>> tried many things over the last few months, and would like to be able to
    >>> measure or monitor what's happening - hence the experiments with
    >>> Wireshark. Are there any particular situations I should look out for?
    >>>
    >>> Phil

    >>

    >
    >
    > Well, I found Pavel's comment surprising, as it boils down to a suggestion
    > not to bother trying to understand how things work at a deep level but to
    > surrender responsibility to someone else. Other groups in which I
    > participate have a different outlook, and the most naive and untutored
    > questions get patient, tailored answers (more like Jack's) intended to
    > help the poster up the next rung, wherever on the ladder that might be.
    >
    > I am a "consultant", of sorts. Coming from a niche near-real-time
    > programming background I'm now making a serious (and rather exhausting)
    > attempt to be able to cover all the basics, from networking to graphic
    > design, from database programming to hardware repair. Naturally, I don't
    > know everything, but I've been in the industry for 28 years so far, so
    > although I've no hope of keeping up with the outer envelope, I'm doing
    > fairly well at keeping on top of what most customers need.
    >
    > In a wireless setup I've often seen a situation where the signal strength
    > appears to be good or excellent, and yet the "Limited or no connectivity"
    > message suggests DHPC is failing somehow. I've checked the issues Jack
    > suggests above (thanks Jack) and still sometimes see problems.
    >
    > Where I am now is that I'm trying to dig deeper into the details for real
    > evidence of problems. One correspondent (elsewhere) suggested that MTU
    > might be an issue, so I've been experimenting with that, but the key to
    > empiricism is analytic measurement, so I've been playing around with the
    > Wireshark protocol analyser hoping to see patterns in the packet stream.
    > I once successfully diagnosed a (wired) connectivity problem by setting
    > very detailed firewall logging, and picked up the fact that ICMP 3.4
    > packets were being blocked and so the sending station was unable to detect
    > that it needed to reduce its packet size - that's the sort of thing I'm
    > looking for in these odd wireless situations. Rather than try and judge
    > at a macro level (eg. download times) I'm looking for something
    > finer-grained, giving more certainty.
    >
    > Maybe this just isn't a useful approach, or maybe it's one that has been
    > largely overlooked. But when you have one machine (happy with a cable)
    > that can't make a wireless connection with any of three access points
    > using any of four wireless adapters (one at a time) despite very thorough
    > building, repairing and rebuilding of the windows network stacks,
    > something's there to be found.
    >
    > Phil
     
    Jack [MVP-Networking], May 25, 2009
    #7
  8. Philip Herlihy

    Pavel A. Guest

    @ Philip Herlihy:

    Then apologies, you seem to have much more time on your hands than
    typical busy issue-oriented IT workers.

    But what if the problem is in RF interference?
    This can require serious tools that ordinary IT or even electric
    engineers don't own, or software that one can't download from internet
    freely, and specific skills with these tools and software.

    OTOH I enjoyed working with pros (when they tolerate me looking over
    their shoulder), have learned something new from them every time.

    Best regards,
    -- Pavel
     
    Pavel A., May 25, 2009
    #8
  9. Pavel A. wrote:
    > @ Philip Herlihy:
    >
    > Then apologies, you seem to have much more time on your hands than
    > typical busy issue-oriented IT workers.
    >
    > But what if the problem is in RF interference?
    > This can require serious tools that ordinary IT or even electric
    > engineers don't own, or software that one can't download from internet
    > freely, and specific skills with these tools and software.
    >
    > OTOH I enjoyed working with pros (when they tolerate me looking over
    > their shoulder), have learned something new from them every time.
    >
    > Best regards,
    > -- Pavel


    Pavel, your experience of these matters is not sufficient to allow you
    to gauge whether I have time on my hands.

    PH
     
    Philip Herlihy, May 26, 2009
    #9
  10. Jack [MVP-Networking] wrote:
    > Hi
    > I have my doubts about the MTU, unless it is totally Off it might affect
    > the Bandwidth but not the logon.
    > You can try this free util. it very good in helping adjusting MTU and
    > RCwin.
    > http://www.speedguide.net/downloads.php
    > Next step with the computer is to try a spare wireless card.
    > Jack (MS, MVP-Networking)
    >


    ....

    >>>>> "Philip Herlihy" <> wrote in message
    >>>>> news:...
    >>>>>> I look after IT issues, including networking, for a couple of
    >>>>>> small offices. I sometimes get a situation where, despite
    >>>>>> apparently good signal strength, a machine won't connect.
    >>>>>>
    >>>>>> One machine won't connect (most of the time!) despite my trying
    >>>>>> three different makes of PCI wireless cards plus one USB adapter,
    >>>>>> and two different access points. Now there's a cable draped
    >>>>>> across the office... Connectivity on other machines is poor while
    >>>>>> others nearby seem fine.
    >>>>>>
    >>>>>> I've experimented over months with adjustments to various
    >>>>>> settings, including setting static IP addresses. One machine
    >>>>>> burst into life when I switched from the Intel wireless client to
    >>>>>> the Windows one, but I couldn't duplicate this on another machine.
    >>>>>>
    >>>>>> My mobile runs Windows Mobile, and this allows me to run the
    >>>>>> excellent "sniffi", which can graph the signals on various
    >>>>>> channels, and although Netstumbler can find dozens of different
    >>>>>> distinct services I've set ours to the channels least-used locally.
    >>>>>>
    >>>>>> I've recently tried experimenting with TCP parameters like MTU and
    >>>>>> RWIN, using DrTCP.exe. However, I'm working in the dark, and I'd
    >>>>>> like to be able to monitor the effect of what I'm doing. I've now
    >>>>>> started using Wireshark to monitor at the packet level, but I
    >>>>>> don't know what I'm looking for. Does anyone have some experience
    >>>>>> of this sort of thing they could share?
    >>>>>>
    >>>>>> Phil, London
    >>>>>
    >>>>
    >>>> Thanks, Jack. We do have two access points, and both are accessible
    >>>> from all machines, although some can only just "see" the furthest
    >>>> one. All machines have at least one of them delivering good signal
    >>>> strength, usually excellent. Still we get these odd connection
    >>>> problems. I've tried many things over the last few months, and
    >>>> would like to be able to measure or monitor what's happening - hence
    >>>> the experiments with Wireshark. Are there any particular situations
    >>>> I should look out for?
    >>>>
    >>>> Phil
    >>>

    >>

    ....

    Thanks, Jack - I'll certainly try out the utility you've suggested.
    Someone else recently pointed out that MTU is unlikely to affect DHCP as
    the packets involved are small - obvious once stated!

    We have tried (several) other cards, and also access points. Oddly, the
    (intermittent) fault seems to stay with the PC, which is perfectly happy
    with a cable connection.

    I have occasionally seen similar things elsewhere, and was looking for a
    diagnostic "toolkit".

    Phil
     
    Philip Herlihy, May 26, 2009
    #10
  11. Philip Herlihy

    Pavel A. Guest

    Ok, then, since you already have tried the advice of Jack
    (another wi-fi adapter), and if this is not MTU, and not other software
    problem on that PC - it can be RF interference.
    TCP/IP is generally resistant to interference/signal loss, but
    lower level protocols 802.1x and EAP are fragile (do less or no retries).

    1. Put another (working) PC in the place of the non working PC. If it
    will work, the problem is somewhere in software.
    2. Otherwise check for RF conditions (use different channel, move
    antennas, move the router closer ).
    3. The last step is ... packet sniffers. Some are freely available. The
    802.11 spec is available as well.

    Good luck.
    -- pa
     
    Pavel A., May 26, 2009
    #11
  12. Pavel A. wrote:
    > Ok, then, since you already have tried the advice of Jack
    > (another wi-fi adapter), and if this is not MTU, and not other software
    > problem on that PC - it can be RF interference.
    > TCP/IP is generally resistant to interference/signal loss, but
    > lower level protocols 802.1x and EAP are fragile (do less or no retries).
    >
    > 1. Put another (working) PC in the place of the non working PC. If it
    > will work, the problem is somewhere in software.
    > 2. Otherwise check for RF conditions (use different channel, move
    > antennas, move the router closer ).
    > 3. The last step is ... packet sniffers. Some are freely available. The
    > 802.11 spec is available as well.
    >
    > Good luck.
    > -- pa


    Ok, thanks for the suggestions. As it happens I've tried your (1) and
    (2) (using an RF detector which would pick up non 802.11 signals) and
    (3) brings me back to my original question (Wireshark is a protocol
    analyser).

    Thanks anyway.

    Phil
     
    Philip Herlihy, May 26, 2009
    #12
  13. Philip Herlihy

    Pavel A. Guest

    Philip,

    I use the Omnipeek sniffer, don't have experience with Wireshark for wi-fi.
    There should be some step by step guides on Wireshark, may be Mr. Jack
    has some links on his site.
    You've mentioned the Intel wireless client.
    It can be helpful to know the exact models. Intel adapters can be made
    for specific countries and computer brands, to comply to local RF
    regulations; use of some frequencies may be blocked in hardware or
    firmware. Also, some their old models are B-only and won't work with G
    routers, or don't support some security modes.

    Basically you need to sniff on the air level protocol (802.11)
    and it differs from what we do usually on wired ethernet.
    First, select the channel or frequency same as of your router/AP.
    Next steps depend on what exactly "does not work".
    At least, the PC must send probe requests to the AP and receive probe
    responces.

    Also, as alternative to wi-fi you may want to look at powerline network
    option. AFAIK powerline is popular in UK for non-portable PCs. No new
    wires and very low maintenance.

    Regards,
    -- pa
     
    Pavel A., May 27, 2009
    #13
  14. Pavel A. wrote:
    > Philip,
    >
    > I use the Omnipeek sniffer, don't have experience with Wireshark for wi-fi.
    > There should be some step by step guides on Wireshark, may be Mr. Jack
    > has some links on his site.
    > You've mentioned the Intel wireless client.
    > It can be helpful to know the exact models. Intel adapters can be made
    > for specific countries and computer brands, to comply to local RF
    > regulations; use of some frequencies may be blocked in hardware or
    > firmware. Also, some their old models are B-only and won't work with G
    > routers, or don't support some security modes.
    >
    > Basically you need to sniff on the air level protocol (802.11)
    > and it differs from what we do usually on wired ethernet.
    > First, select the channel or frequency same as of your router/AP.
    > Next steps depend on what exactly "does not work".
    > At least, the PC must send probe requests to the AP and receive probe
    > responces.
    >
    > Also, as alternative to wi-fi you may want to look at powerline network
    > option. AFAIK powerline is popular in UK for non-portable PCs. No new
    > wires and very low maintenance.
    >
    > Regards,
    > -- pa


    Thanks, Pavel - I'll look into Omnipeek. I do use Powerline where
    possible - Netgear make some nice ones with a built-in 4-port switch at
    each node.

    Phil
     
    Philip Herlihy, May 27, 2009
    #14
  15. Philip Herlihy wrote:
    > Pavel A. wrote:
    >> Philip,
    >>
    >> I use the Omnipeek sniffer, don't have experience with Wireshark for
    >> wi-fi.
    >> There should be some step by step guides on Wireshark, may be Mr. Jack
    >> has some links on his site.
    >> You've mentioned the Intel wireless client.
    >> It can be helpful to know the exact models. Intel adapters can be made
    >> for specific countries and computer brands, to comply to local RF
    >> regulations; use of some frequencies may be blocked in hardware or
    >> firmware. Also, some their old models are B-only and won't work with G
    >> routers, or don't support some security modes.
    >>
    >> Basically you need to sniff on the air level protocol (802.11)
    >> and it differs from what we do usually on wired ethernet.
    >> First, select the channel or frequency same as of your router/AP.
    >> Next steps depend on what exactly "does not work".
    >> At least, the PC must send probe requests to the AP and receive probe
    >> responces.
    >>
    >> Also, as alternative to wi-fi you may want to look at powerline
    >> network option. AFAIK powerline is popular in UK for non-portable PCs.
    >> No new wires and very low maintenance.
    >>
    >> Regards,
    >> -- pa

    >
    > Thanks, Pavel - I'll look into Omnipeek. I do use Powerline where
    > possible - Netgear make some nice ones with a built-in 4-port switch at
    > each node.
    >
    > Phil


    I did look into OmniPeek, and I'm now a bit more in tune with your
    earlier comment to the effect that life's too short...

    Found a download location for OmniPeek Personal 4.1, which doesn't seem
    to be widely available now (free edition seems to have been launched in
    2006 and since withdrawn). Have asked for a price for the "Basic"
    edition (irritating when you have to ask), but noted the Enterprise one
    is about $6K. The Personal edition does have many bells and whistles
    that Wireshark doesn't, and appears to be able to dig deep into the
    wireless transmission layer, but only if you have a supported wireless
    card. The website is little help in figuring out which ones those might
    be, apart from a short list.

    I think I probably draw the line at trying to follow conversations at
    the wireless transmission layer, unless I can find a utility demanding
    rather less study than this one - spent about two hours "getting
    started" and that's it for this week at least!

    I have seen (and largely ignored) low-level parameters such as beacon
    interval and fragmentation threshold which some client software exposes.
    I wonder if there is any mileage in tampering with those? My guess is
    that it's no accident they are usually hidden.

    Phil
     
    Philip Herlihy, May 27, 2009
    #15
  16. Philip Herlihy

    Jack-MVP Guest

    Hi
    Philip while in theory you are taken the right approach reality is quite
    different.
    Wireless is used by big corporation that cannot afford trouble, they can
    maintain it correctly because in the general scheme of the Network expenses
    having special devices and special software that cost thousands of $$ for
    debugging purposes is negligible. Small business and individual users that
    cannot afford these tools.
    It is always amusing to see the online phenomenon when people that have
    small Networks with CAT5e cables that might have a total current value of
    $50, are told to buy a Fluke device ($1000) to find what is wrong with the
    cables.
    Computing devices are usually pieces of plastic, silicone, and a little
    metal, there is No reason to get attached to them. The price of the
    inexpensive devices is less than the cost of an hour work of good IT tech.
    I keep an array of spares (at a cost of few hundred $$$) of Wire/Wireless
    devices known to be good (and widely compatible as learned from my own
    experience), at a certain point of the process weeding out the problem by
    hardware (or software) replacement is faster and more cost effective.
    Wireshark is useful when One knows specifically what cluster he is looking
    for; otherwise it is a waste of time.
    Specifically to Entry Level Wireless. There is too much deviation from the
    standard. You can have a situation that a Good Wireless Router/Access Point
    works well with few Wireless Cards and problematic with others. While the
    problematic card works well with other Wireless sources. It is not just
    marketing, when all the Wireless vendors motioned that their Wireless
    devices works best with their own Wireless Devices. One also has to be
    aware that some manufacturers change the chipset of s device while
    maintaining the same Model number. (Linksys WRT54G v1-4 is ain't the same as
    v 4 and above).
    Live is short, and Tough ;)
    Jack (MS, MVP-Networking).

    "Philip Herlihy" <> wrote in message
    news:...
    > Philip Herlihy wrote:
    >> Pavel A. wrote:
    >>> Philip,
    >>>
    >>> I use the Omnipeek sniffer, don't have experience with Wireshark for
    >>> wi-fi.
    >>> There should be some step by step guides on Wireshark, may be Mr. Jack
    >>> has some links on his site.
    >>> You've mentioned the Intel wireless client.
    >>> It can be helpful to know the exact models. Intel adapters can be made
    >>> for specific countries and computer brands, to comply to local RF
    >>> regulations; use of some frequencies may be blocked in hardware or
    >>> firmware. Also, some their old models are B-only and won't work with G
    >>> routers, or don't support some security modes.
    >>>
    >>> Basically you need to sniff on the air level protocol (802.11)
    >>> and it differs from what we do usually on wired ethernet.
    >>> First, select the channel or frequency same as of your router/AP.
    >>> Next steps depend on what exactly "does not work".
    >>> At least, the PC must send probe requests to the AP and receive probe
    >>> responces.
    >>>
    >>> Also, as alternative to wi-fi you may want to look at powerline network
    >>> option. AFAIK powerline is popular in UK for non-portable PCs. No new
    >>> wires and very low maintenance.
    >>>
    >>> Regards,
    >>> -- pa

    >>
    >> Thanks, Pavel - I'll look into Omnipeek. I do use Powerline where
    >> possible - Netgear make some nice ones with a built-in 4-port switch at
    >> each node.
    >>
    >> Phil

    >
    > I did look into OmniPeek, and I'm now a bit more in tune with your earlier
    > comment to the effect that life's too short...
    >
    > Found a download location for OmniPeek Personal 4.1, which doesn't seem to
    > be widely available now (free edition seems to have been launched in 2006
    > and since withdrawn). Have asked for a price for the "Basic" edition
    > (irritating when you have to ask), but noted the Enterprise one is about
    > $6K. The Personal edition does have many bells and whistles that
    > Wireshark doesn't, and appears to be able to dig deep into the wireless
    > transmission layer, but only if you have a supported wireless card. The
    > website is little help in figuring out which ones those might be, apart
    > from a short list.
    >
    > I think I probably draw the line at trying to follow conversations at the
    > wireless transmission layer, unless I can find a utility demanding rather
    > less study than this one - spent about two hours "getting started" and
    > that's it for this week at least!
    >
    > I have seen (and largely ignored) low-level parameters such as beacon
    > interval and fragmentation threshold which some client software exposes. I
    > wonder if there is any mileage in tampering with those? My guess is that
    > it's no accident they are usually hidden.
    >
    > Phil
     
    Jack-MVP, May 27, 2009
    #16
  17. Philip Herlihy

    Pavel A. Guest

    Jack-MVP wrote:
    > Live is short, and Tough ;)


    or rather - life is tough, but short :(

    -- pa
     
    Pavel A., May 27, 2009
    #17
  18. Pavel A. wrote:
    > Jack-MVP wrote:
    >> Live is short, and Tough ;)

    >
    > or rather - life is tough, but short :(
    >
    > -- pa



    Ok. I'll go and walk the dog in the Forest instead.

    Thanks, folks. (Just don't like being beaten!)

    OmniPeek Basic is just under £1000 (+ Vat, presumably), by the way.
    Wireshark is free.

    Phil
     
    Philip Herlihy, May 28, 2009
    #18
  19. Philip Herlihy

    Pavel A. Guest

    Have a pleasant day, Philip.
    Really hope you aren't offended.
    Networking is pretty hard by itself, but wireless is close to the
    "theoretical limit" for non professionals that otherwise are considered
    computer and network savvy.
    Pre-N WiFi is at least an order of magnitude more complicated than
    ethernet, the N is even more complicated. And next things still are
    coming...

    regards,
    -- pa
     
    Pavel A., May 28, 2009
    #19
  20. Hi
    I am using Wireshark for years (use to be called Ethereal) and it is one of
    the best free tools.
    A Jaguar cost in the USA $80.000, walking is Free.
    I can easily walk 40 (or more) blocks in New York (20 streets blocks is a
    Mile), but I am not going to walk from New York to LA. ;)
    Jack (MS, MVP-Networking)

    "Philip Herlihy" <> wrote in message
    news:%...
    > Pavel A. wrote:
    >> Jack-MVP wrote:
    >>> Live is short, and Tough ;)

    >>
    >> or rather - life is tough, but short :(
    >>
    >> -- pa

    >
    >
    > Ok. I'll go and walk the dog in the Forest instead.
    >
    > Thanks, folks. (Just don't like being beaten!)
    >
    > OmniPeek Basic is just under £1000 (+ Vat, presumably), by the way.
    > Wireshark is free.
    >
    > Phil
     
    Jack [MVP-Networking], May 29, 2009
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Boris
    Replies:
    2
    Views:
    1,092
    Boris
    Apr 6, 2004
  2. =?Utf-8?B?R2F2aW4=?=

    Core Exams - Best approach to take?

    =?Utf-8?B?R2F2aW4=?=, Jan 30, 2006, in forum: MCSE
    Replies:
    1
    Views:
    435
    =?Utf-8?B?cm9iZXJ0ZC4=?=
    Feb 2, 2006
  3. Stefaan Meeuws

    how to identify/approach a discovered wlan (i want to pay)

    Stefaan Meeuws, Apr 27, 2006, in forum: Wireless Networking
    Replies:
    4
    Views:
    576
  4. gangle

    A new approach by spammers

    gangle, Jan 20, 2004, in forum: Computer Support
    Replies:
    10
    Views:
    665
    Black Baptist
    Feb 7, 2004
  5. Oxford Systems

    OT: An interesting approach to wireless security

    Oxford Systems, May 18, 2004, in forum: Computer Support
    Replies:
    1
    Views:
    362
    Dan Shea
    May 18, 2004
Loading...

Share This Page