Wireshark 1.4.0 RPCAP not working properly with MDS FCAnalyzer 3.3(5)

Recently I upgraded my Wireshark to the latest version. The version I had been running before was 1.0.6, which was quite old. I like the new interface and new features. I noticed recently however that its RPCAP functionality seems to be broken at least with the Cisco MDS running version 3.3(5).

I setup my MDS in passive remote mode as follows:

MDS2(config)# fcanalyzer remote 172.16.3.240
MDS2(config)# exit
MDS2# show fcanalyzer
PassiveClient = 172.16.3.240
MDS2#

I then instruct Wireshark to connect to it just as I always have:

I then receive the following error:

I got the same error when I tried via the command line:

Here is the version I am running:

So I tried the previous stable version, 1.2.11 and had the same issues. In the end I had to go back to Wireshark 1.0.6, which works just perfect. I am not sure if this is a shortcoming in newer Wireshark code, or that because the MDS code I am using is older, its not keeping up with the development of RPCAP. I would think the former, as any future development of RPCAP I would think should be backwards compatible in my opinion.

If anyone has tried the latest Wireshark with NX-OS 4.x or have had different results than me, please let me know, as I am a huge fan of Wireshark and its an important part of my storage and networking studies.

This entry was posted in CCIE Storage, FCAnalyzer and tagged , , , , , . Bookmark the permalink.

2 Responses to Wireshark 1.4.0 RPCAP not working properly with MDS FCAnalyzer 3.3(5)

  1. Lixia Wang says:

    I had the exactly same issue as this..

    I tried your suggested wireshark version 1.0.6 and it works perfectly. Have you worked out why ? What kind of wireshark version you got in your lab exam? Did it work in your exam?

    Thanks
    Lixia

    • brian says:

      I had no problems with any software in the lab, I am not sure what version of Wireshark they use in the lab. Just stick to 1.0.6 or another version for now, hopefully in the future newer versions of Wireshark work fine.

Leave a Reply