Buy or Renew
Buy or Renew
Cisco + Splunk: Itā€™s a new day for your data. Learn more.
Ā 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
138
Views
5
Helpful
1
Replies

Cisco ip phone sniffing

zheaisnsaabn
Level 1
Level 1

ā€Ž08-25-2018 06:45 AM - edited ā€Ž03-17-2019 01:23 PM

i'm working on project for our customer service department in our company

when phone get a call a popup appear  in employee computer

if this is an old customer his data appear in this popup

if not will appear that he isn't a customer in our company

anyway whose responsible on Cisco systems sent the phone vlan traffic to a pc 
and i'm developing an application with c#  and use pcap library to get the packet as bits

what i what to know how to know what is in this packet and what is the attributes in this packet

so any one can help please

Labels:
0 Helpful
1 Reply 1

Jonathan Schulenberg
Hall of Fame
Hall of Fame

ā€Ž09-02-2018 12:45 PM - edited ā€Ž09-02-2018 12:48 PM

This seems like the least flexible way to solve that problem. Cisco phones use SCCP or SIP so your packet sniffing approach would need to support one or both protocols depending on the endpoint models in use. Additionally, Cisco changes the behavior of these protocols with little to no public announcement since they expect the phone and call agent to both be Cisco. This tripped up call recording vendors for years back when they relied on packet sniffing to see calling/called party information on the Voice VLAN. It wonā€™t work for MRA- or VPN-connected endpoints. It also wonā€™t support any call authentication/encryption if you choose to enable it in the future since that would wrap the SCCP/SIP inside a TLS tunnel.

I suggest you look into using the TSP client to provide either a TAPI or JTAPI interface. Additionally, I suggest installing the TSP on your application server and not individual client PCs since the TSP has to be updated anytime you patch CUCM. This is the normal approach to getting live call event data.

https://developer.cisco.com/site/jtapi/

Customers Also Viewed These Support Documents