Recently I was troubleshooting a WiFi roaming problem at a customer site. At some point I was suspecting an application timeout. In order to verify this on the WiFi side, I had to decrypt the 802.11 WEP packets. WireShark in combination with AirPcap can achieve this for you. It is quite easy to setup.
First, I used three AirPcap WiFi adapters to capture traffic on channels 1, 6 and 11. See picture below.
Next, from the AirPcap control panel I provided the WEP key for a specific SSID as follows:
Then, I launched WireShark and from the Wireless toolbar, I selected 'Driver' from the Decryption Mode pull down:
Finally, I started capturing 802.11 frames by selecting AirPcap Multi-Channel Aggregator:
Done! 802.11 packets are being captured and are displayed in decrypted format.
You can achieve the same thing for WPA and WPA2, but this is handled by WireShark, not the by the AirPcap driver.
References
