How to Use Wireshark to Troubleshoot Connections : Authentic8 Support

This a guideline for using Wireshark to inspect Network packets. Prior to this step, please ensure that our Firewall Requirements has been fully implemented in your Network environment's AllowList

Introduction

Wireshark is a network protocol analyzer, which captures network packets in real-time, and presents data output in human-readable format. Wireshark includes various data filters, color-coding, as well as, other features that enable deep network traffic analysis. You can use these filters to segment Silo Network traffic, as part of advanced network troubleshooting

Wireshark is available for download from their official website

Once you have Wireshark installed, launch the application, then click the name of your primary or active network interface under Interface List to start capturing network packets. For example, if you wish to analyze traffic from your wireless network, then select the wireless interface entry

In order to filter for Authentic8 traffic, you will want to create a filter list similar to the example below. Please disregard the double quote characters at the beginning and end

ip.addr==54.225.143.10||ip.addr==54.244.220.33||ip.addr==104.197.151.226||ip.addr==8.34.212.21||ip.addr==104.198.108.190||ip.addr==104.198.102.199||ip.addr==104.196.50.57||ip.addr==104.196.45.238||ip.addr==104.155.196.214||ip.addr==104.155.196.156||ip.addr==104.199.169.130||ip.addr==104.199.158.183||ip.addr==104.155.106.249||ip.addr==130.211.64.174

Important: Please refer to the Firewall Requirements guideline for the latest IP address entries

Once an IP address filter is in place, you may begin capturing packets, however, no data will be displayed until a connection is initiated using the Silo client

Once Silo is launched, Wireshark will begin to display rows of captured data. This data can be used to help isolate any Network related issue

During the launch process, you will want to look for 2 certificate exchanges, as shown below:

The first certificate exchange will occur when Silo is connecting to our launch servers

The second certificate exchange will occur moments later when Silo is connecting to the app servers

Shortly after, Silo will either display a PIN authentication prompt, or attempt to authenticate via SAML SSO (if configured)

Please contact Support for any additional questions

Authentic8 Support

How can we help you today?

How To Use Wireshark to Troubleshoot Connections Print

Introduction

How can we help you today?

How To Use Wireshark to Troubleshoot Connections Print

Introduction

Related Articles