Skip to main content

Troubleshoot Bitdefender update fails using Wireshark

Context

When your Bitdefender product cannot obtain product/signature updates from our Update Server, the Bitdefender Enterprise Support team may request a packet capture for troubleshooting the issue. For this purpose, we recommend using Wireshark, a free (open-source) packet capture software broadly used for analyzing network traffic.

Issue

The Bitdefender Enterprise Support team usually requests a Wireshark capture for the following scenarios:

  • The endpoint or the relay server fails to retrieve updates from Bitdefender Update Server (upgrade.bitdefender.com) or from the local relay server with errors indicating that a content-filtering solution or a network firewall might be blocking or filtering the packets.

    For example, error code 1011, which indicates an IO time out in the Bitdefender product interface:

    16274_1.png
  • Excessive traffic bandwidth usage during the distribution of product/signature updates to target endpoints.

Solution

Follow the next instructions to capture network packets with Wireshark and send them to the Bitdefender Enterprise Support team:

  1. Install the Wireshark application.

  2. Launch Wireshark.

  3. Click Capture > Options….

    16274_2.png
  4. Click the interface on which you need to capture packets.

    16274_3.png
  5. Click Start to start the capture.

  6. Reproduce the reported issue.

    Note

    Avoid running any internet application during the capture (close all web browsers, instant messengers, etc.).

  7. After reproducing the issue, return to Wireshark and click Stop.

  8. Click File > Save as to save the capture as a default libpcap file format (.pcapng extension).

  9. Send the capture file to the Bitdefender Enterprise Support team via the support ticket.