Wireshark with mixed devices WIFI + WIRED

Hi Altogether, hello Community,
I'm having a little issue with wireshark. Read for a few weeks official documentation and obviously uncle Google's results in order to find out where my problem could be. Sure fact is, that I'm overlooking something, but am not able to understand/solve the following issue.

On my private Linux laptop I connect through wifi into a classical LAN (192.168.120.0/24) with SSID "office".

Letting wireshark run on the wifi-interface in promiscuous mode the laptop pings to 192.168.120.164 (which is a charging station for electric cars connected to a switch), which answers and wireshark shows the ICMP requests and responses.

But if I give wireshark the filter even for 24 hours, wireshark does not show anything. But I know for sure that the charging station (192.168.120.164) communicates quite constantly through internet/web...

As already stated in the beginning, I searched quite a while and applied many different display/capturing filters and read lots of documentation. But everything was to no avail...

Anyone have some suggestions? Thank you very much in advance
Sincerely Yours

Hi,
- Try to just filter "icmp" and you'll maybe know what's wrong ?
- Maybe ipv6 related
- Maye some default filter applied

Hi Ketza, thank you for replying. Unluckily I don't see where your 3 points help. Of course tried simple (dns, icmp, etc.) and letting them run for hours. Instead when applying no display filters... I see communication from many different ip addresses, but not the charging station...

Hi everyone! Maybe you somehow excluding that address? Haven't used Wireshark for some time and therefore do not remember in detail how I used it, maybe try add protocol and / or port? Maybe direction e.g. destination, source. Regards

Are you sure everything is working in promiscuous mode? I think the problem might be that packets between station and the router are not captured. You of course see the packets that are sent from laptop to station and from station to laptop, but not necessary packets between the router and station. If your router supports tcpdump, you could collect the packet capture of station IP on the router and analyze it on your laptop.

Cita de jusb3

Julio 03, 2023 - 13:44:38

Are you sure everything is working in promiscuous mode? I think the problem might be that packets between station and the router are not captured. You of course see the packets that are sent from laptop to station and from station to laptop, but not necessary packets between the router and station. If your router supports tcpdump, you could collect the packet capture of station IP on the router and analyze it on your laptop.

This faq question might be helpful:
https://www.wireshark.org/faq.html#promiscsniff

@jusb3 thank you for your time and making me wiser carefully read that chapter of the faq more then once. Yep, maybe there is also vlan issues (now that I'm pondering), the laptop is connected to ssid office in the same vlan. But of course this is through wifi. The CS (charging station) is connected / wired to the switch. I will try to plug the eth-cable of the CS directly to the laptop and see if something happens...