Hi..
We have firepower FW that is used to filter the VOIP traffic to our telephony platform.
When we are troubleshooting voip issues it is good if we can dump the SIP and RTP on the firewall.
We can do this from the FMC but the buffer is limited to 32 MB and we have high traffic load so the buffer gets full fast.
Have been reading that from FTD we can use the capture traffic command and then their is not a buffer limit, tried but dont get it to work tried this
Capture-traffic
1
Example of -w <filename> option:
-w capture.pcap -s 1518
Great to get it in a .pcap so it can be read in Wireshark but i dont get all traffik dont get the RTP streams.
We have several outside VLAN's also tried to filter on that and host but no luck. Anyone have any hints how to accomplish this capture so we get all traffic regarding VOIP (SIP, RTP) in a pcap file for troubleshooting