Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IP Office Server Edition - tcpdump / Wireshark

john3voltas

john3voltas

Technical User
Nov 12, 2013
109
3
18
PT
Hi there.
IPO SE has an option under :7071 to capture packets. Such capture is supposed to be a tcpdump capture that can later be downloaded.
We have a customer experiencing one-way-voice-only on a couple of phones (1608 and an analogue connected to an ATA device). Those 2 telephones are the only ones affected by the issue and those are the only two sets that have been installed on a given remote office.
All other remote offices are fine. Just this one is experiencing the issue.
Their networking/security team asked us to grab some tcpdump captures that can shed some light on the issue. But after grabbing the dump, unzipping it, un-taring it and loading it in Wireshark, I end up with something that apparently can't be decoded by wireshark and seems to be a bit hexadecimal-ish.
Anyone with experience in loading the packet capture in wireshark that can give us some hints?
Usually I'd do a port-mirror on the switch but apparently this particular lan switch doesn't have that option...?!...or at least, so they say.
Thanks in advance.
Cheers

1728918420311.png
 
Sort by date Sort by votes
Hey John

I use this without issue, it provides a file .pcap0 and I open it in wireshark and it looks normal. Your screen grab looks like the normal details pane.

System I have done this one are all R11.1 Wireshark version is 4.0.5

I realize I haven't provided much help, perhaps it's a display issue or version issue on one side.

Here is a screen shot of a trace captured from my lab system.

1728985400141.png
 
Upvote 0 Downvote
I don't like the start/stop from WebUI and login via SSH and become root.

There use the following command:

Code: 
tcpdump -i eth0 -w /home/Administrator/test.pcap
Afterwards change owner:
Code: 
chown Administrator:Administrator /home/Administrator/test.pcap

Then you can download the file with WinSCP. This way you have the option to add some filters and no restrictions.
 
Upvote 0 Downvote
Thank you both.
I now know what I was doing wrong. I was archiving and downloading the debug logs instead of the packet capture logs.......

1728988684784.png

I'm leaving this print so that no one falls for the same mistake I fell.
Thanks a bunch guys.
Cheers
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

Diya Freahat
  • Question
IP office server edition time 12 hour format
Replies
1
Views
2
john3voltas
john3voltas
shamorau
  • Question
Server Edition IP office service restarts randomly
Replies
2
Views
172
SA.ni
SA.ni
smartedge1
  • Question
SERVER EDITION WEBSOCKET
Replies
7
Views
611
derfloh
derfloh
Richard_Harrow
  • Locked
  • Question
Avaya IP Office Essential Edition R11.1.3 showing incorrect date and time
Replies
4
Views
153
Nortel4Ever
Nortel4Ever
William C290
  • Solved
Server Expansions 500v2 12.0 unallocated Server Edition License 1
2
Replies
22
Views
866
William C290
William C290

Part and Inventory Search

Sponsor

Back
Top