SIP traffic missing

asked 2021-10-22 19:14:25 +0000

netguy28655 gravatar image

I have mirrored the port that the phone is on. I have a new installation of Wireshark with default configuration. I am able to create a capture file while I am receiving and and making phone calls. When completed, I do not have any SIP traffic in the file. Is this a Wireshark configuration setting or more of a switch/phone issue? The calls are successful.

The default port for SIP is 5060. Can you verify if the capture has either UDP port 5060 or TCP port 5060 packets?

BigFatCat gravatar imageBigFatCat ( 2021-10-23 08:16:40 +0000 )edit

answered 2021-10-23 05:38:46 +0000

Jaap gravatar image

Wireshark shows SIP traffic right out of the box, so this would likely be an issue with the way capture is setup. Either the switch mirror configuration, VLAN tagging, etc.

The traffic may be encrypted.

Anders gravatar imageAnders ( 2021-10-23 21:27:54 +0000 )edit

