Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
636
Views
0
Helpful
1
Replies

cisco call manager Ethereal/Wireshark Captures

luigitonni
Level 1
Level 1

‎01-04-2008 04:00 AM - edited ‎03-15-2019 08:02 AM

Hi.

I am trying to connect the CCM & CCME to a SIP network using a SIP trunk.

So i am asking if someone has Ethereal/Wireshark captures of the signaling flows associated with the establishment of calls to/from CISCO Call-Manager to/from a SIP network.

thanks

Labels:
0 Helpful
1 Reply 1

smalkeric
Level 6
Level 6

‎01-10-2008 09:54 AM

Open your sniffer capture in Ethereal. Make sure to uncheck the boxes for Enable MAC name resolution and Enable transport name resolution. This greatly speeds up the load time.

Find all of your Real-Time Transport Protocol (RTP) streams and make sure they are recognized as RTP streams. If they show up as User Datagram Protocol (UDP) packets, right-click one of the packets, choose Decode As and then select RTP. Do this for all of the streams you are interested in.

Go to Analyze > Statistics > RTP Streams > Show All.

Note: The location of RTP Streams > Show all menu items may differ depending on your version of Ethereal.

You should see a window that has a list of all the RTP streams found in the capture file. Select your forward stream by clicking with the left mouse button. Select the reverse stream by holding the Shift key and left clicking on it. Above the buttons at the bottom of the window, it should now list both streams, including IP addresses (Source [SRC] and Destination [DST]) and the RTP Synchronization Source (SSRC) field.

Select the Analyze button. This pops up yet another window with detailed analysis for the RTP streams you selected previously. Select the Save Payload button. Choose which payload you want to save (forward, reverse or both), the filename and the path. This creates a .au file in the path you specified that will have both directions of the RTP stream.

If you have difficulty, make sure that before you select the Analyze button that it shows valid forward and reverse streams. If it only picks up one direction of the RTP stream, it will not allow you to save a payload with both directions selected.

0 Helpful
Customers Also Viewed These Support Documents