I'm new to Wireshark. I did some traces from IP phone over a SIP trunk to the PSTN. Trace shows no RTP, but I know it was being used. Is RTP off by default? Thanks This question is marked "community wiki". asked 15 Apr '11, 13:54  greekgeek |
One Answer:
Go to Preferences | Protocols | RTP, check the box "Try to decode RTP outside of conversations". answered 11 Apr '13, 04:09  Jaap ♦ |
Hi, If you look in the SIP messages carrying SDP you should see the IP and port used for RTP are those packages in the trace? Wireshark uses the SDP information to find out which packets are RTP if the SDP isn't present. Wireshark can't find the packets. Check out the RTP preferences for other options.
I've got the same problem here. I am taking traces on an RTP stream that uses an SAP announcement with SDP information in it instead of getting the SDP info from RTSP. Wireshark is not recognizing the RTP packets.