Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3597
Views
5
Helpful
7
Replies

How to capture packets on ip communicator using wireshark

fgramos01
Level 1
Level 1

‎04-20-2016 04:53 PM - edited ‎03-18-2019 11:56 AM

Hi. I'm trying to capture packets while i am engage to a call using my ip communicator to other site using their ip phones using wireshark. I already tried the capture on lan interface. 

Labels:
0 Helpful
7 Replies 7

Terry Cheema
VIP Alumni
VIP Alumni

‎04-20-2016 05:12 PM

1) Launch wireshark - Go to list of available interfaces.

2) Select the interface you are connected to - You should be able to see traffic on that interface.

3) Click start - it should start capturing everything

4) You can filter the sccp traffic by typing skinny in the filter

5) You can filter the media by typing rtp in the filter

6) you can use various other filters source, destination, ip address etc.

-Terry

Please rate all helpful posts

Terry Cheema
VIP Alumni
VIP Alumni
In response to Terry Cheema

‎04-20-2016 05:15 PM

Re-read your post looks like - not sure, you may be after port spanning?

0 Helpful

fgramos01
Level 1
Level 1
In response to Terry Cheema

‎04-20-2016 05:28 PM

If i am connected to the LAN is right i should choose lan interface on wireshark? And is there something i should enable on the phone configuration to capture the packets? Our main issue is we are having a one way audio when we are recieving calls from other branches of our office from other regions. That's why we want to capture the packets.

0 Helpful

Terry Cheema
VIP Alumni
VIP Alumni
In response to fgramos01

‎04-20-2016 05:32 PM

If you run wireshark on your PC and you are connected by ethernet cable and you start capturing the packets on LAN interface - it will capture all packets in/out your PC NIC. You can further filter the traffic by applying the filters.

0 Helpful

fgramos01
Level 1
Level 1
In response to Terry Cheema

‎04-20-2016 05:36 PM

Hi. Thanks. What filter should i apply so i will only see the packets coming from my ip communicator?

0 Helpful

Terry Cheema
VIP Alumni
VIP Alumni
In response to fgramos01

‎04-20-2016 05:50 PM

If you are using SCCP type skinny, if you are using SIP type sip in filter. This will filter the signalling. You can check in cucm if your CIPC is registered as SCCP or SIP end point.

To filter media - type in rtp.

For more filters based on ip addresses etc. : https://wiki.wireshark.org/DisplayFilters

-Terry

Please rate all helpful posts

0 Helpful

fgramos01
Level 1
Level 1
In response to Terry Cheema

‎04-20-2016 08:07 PM

Hi thank you very much for the info. I have another question. How am i going to do a traceroute going to cucm and the ip address of the ip phone of the party i am engaged with? Thanks again

0 Helpful
Customers Also Viewed These Support Documents