Wireshark-users: Re: [Wireshark-users] openvpn and packet sniffing

Bill Fassler wrote:
> I'm working development of a VoIP project which is using openvpn on the
> server side. Debugging is very tricky because I can't see the RTP
> packets.

"Can't see" in what sense?

> Is there any mechanism or plugin for wireshark or ethereal
> that would allow me to see the RTP packets?

If "can't see" means that the packets aren't in the capture, that's
probably an issue with whatever capture mechanism you're using, so it
can't be fixed at the Wireshark level.

If "can't see" means that the packets *are* in the capture but aren't
recognized by Wireshark as RTP packets, then try either

1) try turning the "try to decode RTP outside of conversations"
preference for RTP on (that causes RTP to try to guess what packets are
RTP packets - the problem is that there's no fixed port number used by
RTP, and no reliable signature to identify RTP packets, so it has to
guess, and it might guess wrong)

or

2) use the "Decode As" option to force the RTP packets to be decoded as
such.
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users