I am using the sniffer with Wireshark to watch some data being passed by my central and peripheral. I started with the multilink central and peripheral examples. Unfortuantely, Wireshark always tells me it can't decrypt the data because the MIC is bad. However, I don't want things to be encrypted now, so I have set the attributes to BLE_GAP_CONN_SEC_MODE_SET_OPEN(). I thought that would keep the data from being encrypted, but in Wireshark the last packet I can read properly is "LL Control PDU: LL_START_ENC_REQ". So things seem to be getting encrypted, but shouldn't setting my security to open prevent the connection from being encrypted?
In a related question, I saw another post that said I have to be sniffing before the connection is bonded, which I am doing, so even if it is encrypted, shouldn't I be able to sniff the packets?