This is a guideline for using Wireshark to inspect network packets. Prior to this step, please ensure that our Firewall Requirements have been fully implemented in your network environment's AllowList.


Introduction

Wireshark is a network protocol analyzer that captures network packets in real time and presents the output in a human-readable format. Wireshark includes various data filters, color-coding, and other features that enable deep network traffic analysis. You can use these filters to segment Silo network traffic as part of advanced network troubleshooting.


Wireshark is available for download from its official website.


Once you have Wireshark installed, launch the application, then click the name of your primary or active network interface under the Interface List to start capturing network packets. For example, if you wish to analyze traffic from your wireless network, select the wireless interface entry.

 

To ensure a full capture, you will want to:

→ Start a Network packet capture with the following capture filters


Example of Wireless Interface Capture



Capture Filters



→ Initiate a Silo connection via the Installed Client or Web Client

→ Stop the Network capture as soon as the connection attempt has completed (failed or successful)

→ Apply a Display Filter list similar to the example below:


(ip.addr == 13.239.146.29 || ip.addr == 13.54.16.216 || ip.addr == 23.235.225.178 || ip.addr == 23.235.226.90 || ip.addr == 34.105.243.100 || ip.addr == 34.105.243.101 || ip.addr == 34.120.76.49 || ip.addr == 34.133.167.210 || ip.addr == 34.135.3.216 || ip.addr == 34.147.167.222 || ip.addr == 34.147.188.32 || ip.addr == 34.64.234.38 || ip.addr == 34.64.32.176 || ip.addr == 34.82.129.182 || ip.addr == 34.84.170.64 || ip.addr == 34.84.170.65 || ip.addr == 34.84.175.241 || ip.addr == 34.84.58.13 || ip.addr == 35.185.254.179 || ip.addr == 35.192.140.0 || ip.addr == 35.192.87.85 || ip.addr == 35.231.117.223 || ip.addr == 35.231.137.119 || ip.addr == 35.246.2.137 || ip.addr == 35.246.47.160 || ip.addr == 66.85.157.12 || ip.addr == 66.85.157.13 || ip.addr == 66.85.157.14 || ip.addr == 92.119.244.0/24 || ip.addr == 92.119.245.0/24 || ip.addr == 104.154.39.247 || ip.addr == 104.155.196.156 || ip.addr == 104.155.196.214 || ip.addr == 104.196.45.238 || ip.addr == 104.196.50.57 || ip.addr == 104.198.102.199 || ip.addr == 104.198.108.190 || ip.addr == 104.199.158.183 || ip.addr == 104.199.169.130 || ip.addr == 130.211.176.14 || ip.addr == 184.95.48.178 || ip.addr == 184.95.48.202 || ip.addr == 194.32.244.2 || ip.addr == 194.32.244.3 || ip.addr == 194.32.245.2 || ip.addr == 194.32.245.3 || ip.addr == 194.32.247.2 || ip.addr == 194.32.247.3 || ip.addr == 198.24.179.2 || ip.addr == 198.24.179.3 || ip.addr == 198.24.179.20)


Important: Please refer to the Firewall Requirements guideline for the latest IP address entries.



You will want to look for 2 certificate exchanges: Client Key Exchange and Server Key Exchange.




The first certificate exchange will occur when the Silo client is connecting to the launch server, while the second exchange will take place shortly after, when Silo is connecting to the app server.
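
One way to rebuild the display filter from the current Firewall Requirements entries, and optionally narrow it to the Client Key Exchange and Server Key Exchange messages, is shown below. This is an added example, not part of the original guide: the function name `build_display_filter` is hypothetical, the sample addresses are constructed from documentation ranges rather than taken from the Silo list, and the `tls.handshake.type` field name assumes Wireshark 3.0 or later.

```python
import ipaddress

# TLS handshake message types (RFC 5246, TLS 1.2) for the two messages named above.
SERVER_KEY_EXCHANGE = 12
CLIENT_KEY_EXCHANGE = 16

# Constructed sample entries from documentation ranges; NOT real Silo addresses.
SAMPLE_ALLOWLIST = ["198.51.100.7", "192.0.2.0/24", " 198.51.100.7 ", "# comment", ""]


def build_display_filter(entries, key_exchange_only=False):
    """Return a Wireshark display filter matching any allowlisted host or CIDR."""
    nets = set()
    for raw in entries:
        text = raw.strip()
        if not text or text.startswith("#"):
            continue  # ignore blank lines and comments
        # Raises ValueError on a malformed entry instead of emitting a broken filter.
        nets.add(ipaddress.ip_network(text, strict=False))
    if not nets:
        raise ValueError("no usable allowlist entries")

    terms = []
    ordered = sorted(nets, key=lambda n: (n.version, int(n.network_address), n.prefixlen))
    for net in ordered:
        field = "ip.addr" if net.version == 4 else "ipv6.addr"
        # Single hosts are written without a prefix length, as in the filter above.
        is_host = net.prefixlen == net.max_prefixlen
        value = str(net.network_address) if is_host else str(net)
        terms.append(f"{field} == {value}")

    display_filter = "(" + " || ".join(terms) + ")"
    if key_exchange_only:
        # Field is tls.handshake.type in Wireshark 3.0+; older builds use ssl.handshake.type.
        display_filter += (
            f" && (tls.handshake.type == {SERVER_KEY_EXCHANGE}"
            f" || tls.handshake.type == {CLIENT_KEY_EXCHANGE})"
        )
    return display_filter


if __name__ == "__main__":
    print(build_display_filter(SAMPLE_ALLOWLIST))
    print(build_display_filter(SAMPLE_ALLOWLIST, key_exchange_only=True))
```

Paste the printed string into the Wireshark display filter bar after replacing the sample entries with the addresses from the Firewall Requirements guideline.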



Please contact Support with any additional questions.