Omnipliance WiFi Tech Tips

 

How do you configure the Packet File Indexing to increase performance for Forensic Searches?

  1. Go to Capture Options>Packet File Indexing
  2. Select the packet characteristics you are most likely to use in a forensic search software filter then click OK
Back to the top

How do you configure the new Protocol Translations the Capture Engine?

  1. Go to the tab in Settings>Protocol Translations
  2. Click the Insert Button
  3. Choose TCP or UDP
  4. Enter the Port number
  5. Choose the Sub-Protocol by clicking “Choose”
  6. After you have selected one Click OK
Back to the top

How do I configure the new Compass “Group Nodes” option?

  1. Go to the Capture Options>Analysis Options and double-click on Compass
  2. Then you will see the “Group Nodes By” field under the Statistics Options
  3. Select one of the options Nodes by Node & MAC, Node or MAC then click OK
Back to the top

How do you enable the Monit feature to run?

The Savvius configuration is disabled by default, and can be enabled it to run automatically on boot by issuing the following commands:

(cd /etc/monit/conf-enabled; ln -s ../conf-available/omnid) monit reload

The Savvius configuration is stored and runs in a directory that will persist on reboot. It is user programmable and has many options, but only the pre-defined Savvius parameters and options are supported

Back to the top

I am not able to modify the decode column I added, why not?

Once you add a decode column to the Packet List Columns, you cannot modify it, only delete it. Right-Click on the decode you have added, uncheck it, the decode will be deleted and you may add a new one.

Back to the top

I want to use Compass for the Capture Engine but I do not see it in the Capture View pane, what is wrong?

The Compass program is enabled and disabled in the Analysis Options. Please go to Capture Options>Analysis Options and enable it there.

Back to the top

What if I don't want some of my users downloading files from the Capture Engine?

This is because there is no default gateway associated with these ports. They are designed to receive but not return or transmit traffic. We do have a feature request in our database asking for the ability to configure a gateway on these interfaces.

Back to the top

I have Omnipeek and I am trying to connect to my Capture Engine. I know my credentials are correct, but I cannot connect. Why?

You must either disable the Windows firewall, or add Capture Engine port 6367 and 6369 for TCP to the exceptions list, to make Capture Engine accessible from the Omnipeek machine.

Back to the top

My Omnipliance did not come with an LCD, how do I configure it?

With Capture Engine, the configuration is done using the Configuration Utility on the supplied USB key. Simply launch the utility, enter the information for IP, NTP, Time Zone, etc. and save it. Then, you can insert the key into the Omnipliance and just reboot. It will grab the configuration from the utility.

Back to the top

I have configured the Access Point Capture Adapter ports on my Omnipliance WiFi unit. When I ping them from a different IP network, they don't respond, why?

This is because there is no default gateway associated with these ports. They are designed to receive but not return or transmit traffic. We do have a feature request in our database asking for the ability to configure a gateway on these interfaces.

Back to the top

How do I configure the Omnipliance WiFi interfaces remotely?

This can be done via the command line interface through SSH to the management interface or through console redirection via the IPMI interface. All four ports can be configured with one command, which is:

omni-interface --adapter eth2 --static --address 172.20.120.156 --netmask 255.255.255.0 --broadcast 172.20.120.255;
omni-interface --adapter eth3 --static --address 172.20.120.157 --netmask 255.255.255.0 --broadcast 172.20.120.255;
omni-interface --adapter eth4 --static --address 172.20.120.158 --netmask 255.255.255.0 --broadcast 172.20.120.255;
omni-interface --adapter eth5 --static --address 172.20.120.159 --netmask 255.255.255.0 --broadcast 172.20.120.255;

Back to the top
Contact Us Savvius Blog Follow Savvius on Twitter Like Savvius on Facebook Follow Savvius on LinkedIn Follow Savvius on YouTube