This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Wire shark traces info

0

I have set the codec to be used as G.711A and chosen media encryption as AES in PBX.Now when i make a p2p audio call between my endpoints the Wireshark traces shows payload type as unknown.Is it the expected behavior? If i choose other encryption method such as 1-srtp then the payload type shows the codec used.

asked 18 Apr '13, 01:40

Rahul_028's gravatar image

Rahul_028
1111
accept rate: 0%


One Answer:

0

chosen media encryption as AES in PBX.

if you are using RTP, then that's expected behavior, as the RTP dissector does not support decryption.

the Wireshark traces shows payload type as unknown.

That's probably due to an 'unknown encryption' scheme, as the RTP dissector should detect SRTP and the encryption method (AES).

Is it possible to post a sample capture file somewhere (google docs, dropbox).

BTW: You could try to use pcaputil. That's a small tool of the pjsip project. I have not yet used it, but the docs say it is able to decrypt SRTP if you give it the master key.

Regards
Kurt

answered 18 Apr '13, 02:22

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

edited 18 Apr '13, 02:36