Hi,
Most likely no. You'll see the traffic for the PC NIC only.
You would need to capture traffic on the switch to see both voice and data.
Cheers,
JF
This is when it is good to have an old HUB ,not a switch laying around.
You are not supposed to see the voice traffic. What you actually plugin to on the IP phone is a three port switch, one uplink port to the Cisco switch, one port internal for the IP phone and one for the PC. So the voice traffic directed to the IP phone comes into the uplink port and then stays in the IP phone through the internal port. The other traffic (for your PC) goes out the second external port. When you want to see the voice traffic you need to capture on the uplink port. This usually means inserting another capture switch between the uplink port and the Cisco switch port, or a span port on the Cisco switch.
See the CaptureSetup/Ethernet page on the Wireshark Wiki for more information on capturing on switched networks.
From what I have tested, the best way to see both types of traffic, is to do a span/rspan session of a trunk port on the switch and send it to my wireshark pc. As all traffic has to traverse the trunk port on the access switch to go up to the core/distribution layer. So if voice and data separation is done correctly via different broadcast domains (vlans), you guys are right, I should not being seeing voice traffic from my pc as this pc sits on the data vlan and voice on another vlan.
The "V" in "VLAN" stands for "virtual"; ultimately, on an Ethernet network, a machine is plugged into a physical LAN, so, as long as the network adapter and adapter driver/networking stack can be put into a mode where raw Ethernet packets are delivered and provided to a capture application, VLANs don't matter.
Asked: 2019-05-16 23:31:49 +0000
Seen: 2,357 times
Last updated: Jun 03 '19
