IntroductionThis guide will help you to capture and analyze SIP traffic using WireShark which is very useful to find the cause of VoIP problems.
Wireshark interface selectionTo start a SIP capture:
- Download and install WireShark, which can be downloaded from www.wireshark.org
Start WireShark and select the interface that Wireshark shout use to capture packets.
This is the first icon below the word file or ‘Interface List’ on the screen below.
Click 'Start' to start capturing. Generally you want the one with the largest increasing number of packets
Adding Display FilterNow you should see all types of traffic passing through your network interface.
Let's apply a capture filter to limit the number of packets you have to deal with.
Go to Wireshark filter's box and enter the value "sip". Then hit enter.
That's it. Only relevant packets are shown.
Exporting SIP TraceThis section can be very useful in case you need an assistance.
SIP Trace is a best way to troubleshoot basic SIP issues.
Go to File > Save As...
Type in the name of the file you wish to save the captured packets in
Select the range of the packets to be saved.
Make sure you select to save only "Displayed" packet (those you filtered in previous section).