Network monitor

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have network monitor set up on one of my DCs and I want to run a capture on
a single IP address. It's not too obvious how I can set this filter. Does
anyone have any ideas?
 
If you want to only capture traffic coming from a particular client, you
would set up a filter. So in network monitor go to capture > filter then add
an address filter for the ip of the system you want to filter.
 
Never mind, something that I thought would be a useful tool turns out to be a
waste of time. When I try to apply the filter I get a message "Due to
security if I wanted to capture frames from a computer on the network I have
to use the network monitor included with Systems Management Server".

Unfortunately I don't have SMS here.

Does anyone know of any tools that would be useful for me to troubleshoot
these users who are having so many connectivity issues?

I downloaded bandwidthd and wasn't able to get it working. I have posts on
their site, but nobody is responding.
 
As far as sniffers go, ethereal is a GREAT tool (and free)
http://www.ethereal.com.

If you're trouble shooting connectivity issues, the best place to start is
in the event viewer. (sorry if I'm stating the obvious).

What kind of connectivity issues are your users having? If it's just random
connection drops, a good place to start is usually updating the NIC
drivers/firmware.
Maybe do a ping -t to see if they're having connection drops. (ctrl C to
stop)

good luck,
Dan
 
There wasn't anything in the event viewer at the time, now there's a DHCP
warning event 1003 that's showing he was having a problem earlier this
morning.

I tried putting a capture filter in Ethereal for his IP address and kept
getting errors for syntax. I just put ip matches [then the ip address] the
capture window says it's capturing a dialup adapter. That's not what I was
going for.

Then I just typed the same thing in the filter bar and didn't use the
capture filter (I couldn't get it to work) and it captured without error, but
it didn't capture anything. This networking stuff isn't my specialty, but
I'm the only IT person on staff.

How do I make this capture filter?
 
I figured out how to do the capture filter. The users experience connection
drops while trying to get through online training courses. They would be
reading the material and suddenly get the "Page cannot be displayed" message
in their browser. Then they would have to hit the refresh button and in some
cases have to sign back into the website.
 
Back
Top