Knowledge Article

< Back
You are here:

Packet Capture Walkthrough

Packet Capture Walkthrough

When a Sidekick is deployed at a location, you can remotely collect a packet capture for a single device from the Reply Portal. There are two places in the Reply Portal where a packet capture can be initiated and retrieved. The first place is on the Devices tab. While on the devices tab you can locate or search for the device that you would like to collect a packet capture for and click the packet capture button under the manage column on the right side.


With a mirror port connected, simply click the “Begin Capture” button and the capture will begin. If a mirror port is not available, the device can be plugged into the mirror port on the Sidekick. Reboot the device and click on “Begin Capture”. While a packet capture is in progress, any required test calls can be made to or from the device and all traffic will be captured and available when the PCAP file is downloaded.


The second place to initiate a packet capture is on the Location’s Dashboard. On the monitor panel under the devices tab, you will see a list of all devices at that location, and can initiate a packet capture in the same way. 


The capture will run for 5-7 minutes. Once the capture is complete and ready to download, you will be able to click on the “Download PCAP File” button and open the PCAP file in Wireshark.

It is important to note that Reply truncates captures by default. While running a packet capture, the Sidekick is only capturing the first 576 bytes of packet headers the capture will not have full RTP media data. If you need to capture all RTP data for troubleshooting purposes, you can enable full packet capture under the settings tab for that customer account.