Using Wireshark to Capture & Playback RTP Audio
July 05

Please refer to this article written by Tom Pacyk. Here is a summary of the steps for convenience:


To get started, open your packet capture in Wireshark:

In the capture collected on the Cisco phone, Wireshark was unable to identify the RTP packets; they appeared as plain UDP data, as shown in the previous screen. To play them back, we first needed to have Wireshark decode the data as RTP. Highlight a UDP packet, then in the Wireshark menu click Analyze, Decode As, select RTP, and press OK.

You'll now see the same UDP data is identified as RTP traffic using the G.711 codec:

From the Wireshark menu now select Telephony, RTP, and Stream Analysis. You'll see the forward (sent) and reverse (received) audio RTP streams here. In this case we saw significant stream data bi-directionally from both capture points. This ruled out any kind of MTP problem and allowed us to validate the audio was being sent and received by both parties.

Press the Player button and click the View as time of day checkbox to listen to the audio stream. I typically select both the forward and reverse checkboxes and then press Play again to listen to both parties:
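
To confirm that UDP payloads really are RTP before forcing Decode As, the following added example (not part of the original article) parses the fixed RTP header and checks that consecutive packets form one stream. The function names and sample packets are constructed for illustration; the G.711 payload types 0 and 8 are the static assignments from RFC 3551.

```python
import struct

# Static payload types assigned to G.711 in RFC 3551.
G711_TYPES = {0: "PCMU (G.711 mu-law)", 8: "PCMA (G.711 A-law)"}

def parse_rtp_header(payload: bytes):
    """Parse the fixed RTP header (RFC 3550); return None if it cannot be RTP."""
    if len(payload) < 12:
        return None
    b0, b1, seq, timestamp, ssrc = struct.unpack("!BBHII", payload[:12])
    if b0 >> 6 != 2:  # RTP version field must be 2
        return None
    header_len = 12 + 4 * (b0 & 0x0F)  # fixed header plus CSRC list
    if len(payload) < header_len:
        return None
    pt = b1 & 0x7F
    return {
        "payload_type": pt,
        "codec": G711_TYPES.get(pt, "other"),
        "marker": bool(b1 & 0x80),
        "sequence": seq,
        "timestamp": timestamp,
        "ssrc": ssrc,
        "header_len": header_len,
    }

def looks_like_rtp_stream(payloads, min_packets=3):
    """Strict heuristic: same SSRC and payload type, sequence steps by 1.

    Real captures may contain loss or reordering; this simplified check
    treats any gap as "not a clean stream".
    """
    headers = [parse_rtp_header(p) for p in payloads]
    if len(headers) < min_packets or any(h is None for h in headers):
        return False
    first = headers[0]
    for prev, cur in zip(headers, headers[1:]):
        if (cur["ssrc"], cur["payload_type"]) != (first["ssrc"], first["payload_type"]):
            return False
        if cur["sequence"] != (prev["sequence"] + 1) & 0xFFFF:  # 16-bit wraparound
            return False
    return True

def make_packet(n, pt=0, start_seq=65534, ssrc=0x1234ABCD):
    """Constructed sample: RTP header plus 160 bytes (20 ms of G.711 audio)."""
    seq = (start_seq + n) & 0xFFFF
    return struct.pack("!BBHII", 0x80, pt, seq, n * 160, ssrc) + b"\xff" * 160

# Constructed stream whose sequence numbers wrap: 65534, 65535, 0.
SAMPLE_STREAM = [make_packet(n) for n in range(3)]
```
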


