Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-users: Re: [Wireshark-users] VoIP Analysis for Dummies

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Anders Broman \(AL/EAB\)" <anders.broman@xxxxxxxxxxxx>
Date: Thu, 22 Mar 2007 18:19:03 +0100
Hi,
Are the packets from the Phone to the Asterix sever UDP or TCP packets
if you examine a few of those packets
Can you see SIP inside?(look in the bytes pane as it's a text base
protocol you should be able to identify it)
If they are TCP packets what ports are used? (Check
Edit->preferences->Protocols->SIP for the TCP port preference used).
Best regards
Anders 

-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Cliff
Weisgerber
Sent: den 22 mars 2007 18:02
To: 'Community support list for Wireshark'
Subject: Re: [Wireshark-users] VoIP Analysis for Dummies

Jaap,

Yes, it is a LinkSys NH1005.  I believe it is indeed a hub as I can see
traffic between HUD on my PC and my asterisk box.  I see multicast
packets from a LinkSys phone (obviously) and, if I do not filter, I see
a bunch of stuff between my PC, the two phones and everywhere else hence
my previaously stated belief ;)

I see no SIP or RTP packets and am lost as to why.

Cliff
"On Wednesdays I go shopping and have buttered scones for tea."

-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Jaap Keuter
Sent: Thursday, March 22, 2007 10:38 AM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] VoIP Analysis for Dummies

Hi,

Are you ABSOLUTELY sure it's a hub? Many are switches underneath.
Check out the Wireshark Wiki on suspicious hubs.

Thanx,
Jaap

On Thu, 22 Mar 2007, Cliff Weisgerber wrote:

>
>
> Hi,
>
>
>
> I am trying to use wireshark to trace VoIP activity.  First, I must 
> plead ignorance as far as doing network sniffs - I have used ethereal 
> in the
past
> and now wireshark but am no expert at this.
>
>
>
> My problem:  I see no SIP or RTP traffic on the traces I am doing.  I 
> am filtering out just the traffic between a couple of phones, the 
> gateways in the network and my asterisk server.  My phones and the PC 
> running
wireshark
> are all on the same LinkSys hub so I should see this stuff, shouldn't
I?
I
> make calls between the phones and see nothing.
>
>
>
> What am I not doing correctly?
>
>
>
> Thanks for helping a newbie!
>
>
>
> Cliff Weisgerber
>
>
>
> Cliff
>
> "On Wednesdays I go shopping and have buttered scones for tea."
>
>
>
>

_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users

_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube