capturing encrypted voice traffic

Unanswered Question
Sep 16th, 2008

Hi,

I have implemented voice encryption on my Cisco ip phones.

However,i captured the network traffic during a conversation and i don't see rtp (or SRTP)p packets in my capture.

Only a lot of UDP packets and this only during the converstation,so when people actually are speaking.

Anyone who has an idea? Is this correct behaviour?

I should be able to find an SRTP stream or something so i can rebuild the voice stream?

I want to test if the encryption is ok,so i need to hear anything except voice :)

Thanks for some feedback.

Kurt

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
kurtdeneef Wed, 09/17/2008 - 01:03

Hi,

Thanks for your feedback.

This info seems very usefull...however,i'm using CUCM 6.1 (forgot to mention).

Or does that makes no difference?

From what i understand from the document,is that i only need to put the packet capture mode to batch processing mode (only option in 6.1) and i should be able to see the SRTP packets after my sniffer?

Kurt

kurtdeneef Wed, 09/17/2008 - 01:44

more news,in my sniffer,i selected "decode as RTP" and now i see the rtp packets with thier payload type.

If i want to save the (both directions) stream in a .au file,i get the error message "Can't save in a file:saving in au format supported only for alaw/ulaw streams"

This works fine normally when you try to analyse an unencrypted RTP stream.

Any advise?

Thanks,

Kurt

Actions

This Discussion