1) Login to the CAS Gateways web interface and browse to the "System Actions" page /bin/system/
2) Under the debug logging, Change the level level from IMPORTANT (10) to ALL (100),
3) Ensure that the Log to SysLog (UDP: 514) is set to enabled. This is the default setting.
4) Click the "Save" button
5) Click the "Generate configuration File" to download the current configuration from the CAS Gateway.
7) Run Wireshark and click the "Capture Options" button
8) Set the "Capture Filter" to "port 47808 || port 514"
9) Set the path to a folder where to store the Wireshark logs. "C:\temp\wireshark logs\2014April28_"
10) Check the "Use multiple files" and "Next file every" check boxes. Set the next file every text area to "20", "megabyte(s)"
11) Click the "Start" button on the "Wireshark Capture Options" dialog. The main dialog should fill up with BACnet messages as well as SysLog messages.
12) Reproduce the problem with the CAS Gateway, This may take a day or two if the problem is infrequent.
13) Send Chipkin an archive of the Wireshark logs and the CAS Gateway configuration.
Note: Depending on your configuration a HUB (Not a switch or router) maybe required to capture all the information from the CAS Gateway.
https://store.chipkin.com/articles/hubs-vs-switches-using-wireshark-to-sniff-network-packets
