Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to install Wireshark on CUCM 7.1 server ?

Hi,

I have recently upgraded from Call Manager 4.1 Windows 2000 Server, to CUCM 7.1.3 Linux based system. It seems that the only way to communicate with the server is through a web page. Is there a way to access the CUCM 7.1 Linux prompt and install software directly, for example I would like to install Wireshark ?

Thank you,

Jack

8 REPLIES

Re: How to install Wireshark on CUCM 7.1 server ?

There is actually no need to do this. The CUCM server has a packet capturing tool available to you.

You can access the tool using "utils network capture". There are various command line arguments. If you wanted to capture to a file (for example) you could do something like:

admin: utils network capture file mycap count 100000 size all host all 10.3.2.21

Executing command with options:

size=all count=100000 interface=eth0

src= dest= port=

ip=10.3.2.21

This would create a file. When done, use "Ctrl-C" to stop the capture. You can then download the file to your workstation as follows:

admin:file get activelog platform/cli/mycap.cap

From there, load it into WireShark and have a ball.

I wrote up a blog on the procedures here:

http://www.netcraftsmen.net/resources/blogs/Cisco-Unified-Communication-Appliance-CLI-Power.html

Take a look and let me know if you have any questions.

HTH.

Regards,

Bill

Please remember to rate helpful posts.

HTH -Bill (b) http://ucguerrilla.com (t) @ucguerrilla

Please remember to rate helpful responses and identify

Re: How to install Wireshark on CUCM 7.1 server ?

Oh. I guess I should also add that loading software on the CUCM appliance models (like 7.1) is not permitted by Cisco. So, there is no way to load WireShark. Sorry for the double response. Just though I would add that extra tidbit in.

HTH.

Regards,

Bill

HTH -Bill (b) http://ucguerrilla.com (t) @ucguerrilla

Please remember to rate helpful responses and identify

New Member

Re: How to install Wireshark on CUCM 7.1 server ?

Thank you so much for your fast response. I followed your instructions on

the blob,

: file get activelog/cli/mycap.cap is not there, the command returns an

error that it cannot find the file.

try to search or tail the file with "file tail ...." and "file list ....", I

cannot find it.

It there a another way to see what is on the file system to see where my

file is.

Cheers!

On Tue, Apr 6, 2010 at 1:34 PM, wjbell-ncn <

Re: How to install Wireshark on CUCM 7.1 server ?

Jack,

The syntax of your file get command is wrong. It should be:

admin:file get activelog platform/cli/mycap.cap

If you want to check to see if the capture file is there, then you can use the following command:

admin:file list activelog platform/cli/*.cap

Now, keep in mind that you have to create the capture file first by using the "utils network capture". You can specify filters, etc. To see the syntax of the command use:

admin:utils network capture ?

HTH.

Regards,

Bill

Please remember to rate helpful posts.

HTH -Bill (b) http://ucguerrilla.com (t) @ucguerrilla

Please remember to rate helpful responses and identify

New Member

Re: How to install Wireshark on CUCM 7.1 server ?

It works, thank you!

My capture was wrong, it didn't capture anything in the first place.

Cheers!

On Tue, Apr 6, 2010 at 3:17 PM, wjbell-ncn <

Re: How to install Wireshark on CUCM 7.1 server ?

Excellent. Good news.

Please remember to rate helpful posts...

HTH -Bill (b) http://ucguerrilla.com (t) @ucguerrilla

Please remember to rate helpful responses and identify

New Member

Re: How to install Wireshark on CUCM 7.1 server ?

Hi William,

I captured the traffic off the UCM, all I see is SIP traffic, there is no

RTP packets - where is the voice traffic and how is it carried from 1 phone

to the other.

Thanks!

On Tue, Apr 6, 2010 at 3:34 PM, wjbell-ncn <

Re: How to install Wireshark on CUCM 7.1 server ?

With CUCM, the RTP traffic is streamed between the communicating endpoints. A CUCM node is never involved in a RTP stream unless it is being used as a MoH server, software conference bridge, software MTP, or Annunciator for a specific call. Annunciator and MoH would stream in one direction (CUCM to target end point (or mcast address)).

If you want to see the RTP traffic between two phones or between a phone and a gateway then you need to use SPAN or RSPAN. Further, your SPAN source needs to be on a network switch that physically transports at least a portion of the RTP streams (ideally, both sides of the stream).

HTH.

Regards,

Bill

please rate helpful posts.

HTH -Bill (b) http://ucguerrilla.com (t) @ucguerrilla

Please remember to rate helpful responses and identify

1750
Views
18
Helpful
8
Replies
CreatePlease login to create content