Is there a way to capture 802.11 Frames form the Stellar AP?
As in the User Guide (9 AP UI > RF Environment) described you can perform a Wireless Packet Capture. But as I understand, this is only possible if the AP is in Scanning Mode.
Is there a way to do the same, if there are Clients connected to the AP?
Hi ma2b,
This is a bit of a chicken and egg question. An accesspoint is receiving wireless frames on a specific channel or combination of channels. When you perform a wireless capture using the accesspoints, the frames are stored locally on the accesspoint flash. The ap cannot do that and bridge traffic at the same time. You can use a neighbor AP to capture the frames on the channel(s) in use by the AP. Another option would be to use a laptop to capture these frames. I would recommend using MetaGeek’s Chanalyzer 6, but that’s me 
Hello wifi113
Thank you for the explanation.
The Chanalyzer looks nice, never tried it out.
I like to take my captures with a WLAN-PI and standard Wireshark.
I was looking for a similar functionality like Peter Mackenzie was describing at WLPC last year.
Here a link to his speak.
Hi, I am inline with Wifi113 an AP in pure scanning mode consumes resources and must be dedicated to this task. So you have to choose an AP in the network for scanning and capturing 802.11 especially since it is the corporate APs that are best placed to trace their WiFi environment. Indoors do not pose a problem to choose the AP for this task, for a certain time of course if the trace window is well defined and if out of concern it is necessary to warn the users. This is not a problem they will be able to connect to neighboring APs. Then after the trace the AP can switch back to its traffic mode. In addition the capture is completely 802.11 with APs Stellar and I am not sure about with other consumer tools. But apparently you know Channelanalyzer well so it can be used if it meets your trace need. Best regards
Hi ma2b,
Nice subject Peter was demonstrating, WLAN Pi is also a very nice option. Chanalyzer deliveres some more eye candy which helps in certain scenario’s. Peter was focussing on investigation certain frame types. It depends a bit what you are investigating but you can capture frames of the AP LAN interface and save them on the AP flash as pcap and use SFTP to copy the pcap to your PC. You can SSH to the AP using the support account (support/aos2016) and use ssudo -i br-wan -w test-capture.pcap udp port 53 to save your capture. This file wile be limited in size as the flash size is limited ;-).
I guess you might be able to select another interface besides br-wan to capture the wireless frames.
Hello
I was already using the tcpdump command for troubleshooting, but was never able to capute traffic including the 802.11 header information.
As I understand the -I option is trying to set the interface to monitoring mode. But that is not possible and I get the following error message.
ssudo tcpdump -I ath11 -s0 -w trace.pcap
Error message:
That device doesn’t support monitor mode
I was woundering how that the other vendors are handeling this.
Thanks for your feedback. It looks that Aruba AP’s do offer the functionality of capturing 802.11 header information, see: ap packet-capture (arubanetworks.com). I am not sure if an ALE forum is the best place to find out about other vendors 
AP can work on capture mode and support wireless capture from 3.0.5 release, in this mode, all clients on this AP will be disconnected and wireless scanning will be stopped during packet capture period. Packet capture will be completed automatically when reaches its threshold (5minutes/10MB) or it can be stopped manually, please refer to the following
steps for the capture on Stellar AP:
Step1- login AP UI page and go to RF Environment → Wireless Capture Config → Start Capture,
Alcatel-Lucent Enterprise OmniAccess Stellar AP Deployment & Troubleshooting Guide
Alcatel-Lucent Proprietary Information Page 224
8.28 How to perform an air-capture from Stellar AP
AP can work on capture mode and support wireless capture from 3.0.5 release, in this mode, all clients on this AP will
be disconnected and wireless scanning will be stopped during packet capture period. Packet capture will be completed
automatically when reaches its threshold (5minutes/10MB) or it can be stopped manually, please refer to the following
steps for the capture on Stellar AP:
Step1- Please login AP UI page and go to RF Environment Wireless Capture ConfigStart Capture, shown as below:
Step2-Please select the corresponding filters to capture.