The resulting traffic should show only traffic comming to and from the IP phone.ģd. To filter down use the eth.addr filter with the MAC Address of the IP phone. Depending on the current PC activity it could be a lot of traffic. View IP Packets Using Wireshark 1 Download Wireshark 2 Install Wireshark 3 Start and Configure Wireshark 4 Set Capture Options 5 Start and Stop Capturing. Published in: 2017 5th International Symposium on Digital Forensic and. Traffic should start to scroll down on the window. As it is shown, network packets coming from/sent to IP cameras can be traced and. This will open the capture interfaces dialog, were you can select the NIC connected to the back of the IP phone we will capture. Open Wireshark and click on the first NIC to the left. Note 79 Cisco IP Phones do not support the span to PC port feature, all data is automatically sent to the PC port. About Press Copyright Contact us Creators Advertise Developers Terms Privacy Policy & Safety How YouTube works Test new features Press Copyright Contact us Creators. ![]() Save and reset the phone so it can retrieve the new configuration file. This will trigger a change to the phone's TFTP configuration file. There should be a PC connected to the back of the IP phone in the PC port, and the phone connected to the Switch.įrom the IP phone configuration page, scroll down to the Protocol Specific Configuration section, and enable the "Span to PC Port" configuration option. These instructions are relevant for Cisco IP Phone Models, 7941, 7942, 7961, 7962, 7965, 7970, 7975, 99xx, 89xx, and 699xx.įor models 79, skip Step 2 since "Span to PC Port setting" is not required. From there, the data can be captured using a packet capture utility. It can be enabled to copy all traffic entering into the SWITCH port, and send it to the PC port. Expand the lines for Client Identifier and Host Name as indicated in Figure 3. Go to the frame details section and expand the line for Bootstrap Protocol (Request) as shown in Figure 2. Select one of the frames that shows DHCP Request in the info column. This article describes how to collect the capture using the IP Phone's built in PC ports. Figure 1: Filtering on DHCP traffic in Wireshark. ![]() There are many ways this can be accomplished. For troubleshooting purposes one may need to gather a packet (sniffer) capture from an IP Phone.
0 Comments
Leave a Reply. |