UCS 5.1.1 officially added a remote packet capture option to the phone in order to troubleshoot issue and provide wireshark traces if required.
<capture diags.pcap.enabled="1" diags.pcap.remote.enabled="1" />
Above Parameters activate the feature on the Phone.
The UCS 5.1.0 Admin Guide describes this on page 170 in the Remote Packet Capture for Logs section.
- To start using this feature please download Wireshark from => here <=
- Start Wireshark after the installation and select the Capture Interface Options
- Manage Interfaces => Remote Interfaces => Add
- IP Address of the phone
Port 2002
Username: Polycom
Password: MAC Address of the phone in lower case and no colon ( : ) - Once OK is pressed the interface should show up
- Leave this menu via cancel
- You are then able to select this new Interface
- If an error message in regards the Buffer appears please click on OK
VLAN or additional Network Interfaces:
In the above photo the Phone uses a VLAN 242 but on a Trio as an example the WiFi interface can be displayed and selected.
Additional Settings
In addition to the above Wireshark can also be configured to capture a rolling trace with options to set a duration or a certain file size or the amount of files to be captured.
- Capture > Options > Output
Filename: Testfile.pcap or Testfile.pcapng
The above will create 100MB files up until Wireshark is stopped
Ticking "Use a ring buffer with" Files can be used if the Trace should run for a certain duration i.e. an issue is reproduced but a "rolling" Trace should capture the issue. Make this a larger number so the event is not missed. - Capture > Options > Options
The above allows specifying the amount of files that should be created until the Trace is being stopped automatically - Capture > Options > Input > Capture filter for selected interfaces
The above is usually selected to ensure only the traffic of a certain device is captured
Capture Range of Devices
Example:(eth.addr[0:3]== 00:04:f2 or eth.addr[0:3]==64:16:7F or eth.addr[0:3]==9c:ad:ef or eth.addr[0:3]==48:25:67)
The above will only capture data from a Poly MAC Range. - VLAN's
Traditionally Windows PC's do not capture the VLAN Tag to show in Wireshark
This must be enabled via a Registry entry:
https://wiki.wireshark.org/CaptureSetup/VLAN
http://www.intel.com/content/www/us/en/support/network-and-i-o/ethernet-products/000005498.html
Troubleshooting:
Settings > Logging > Module Log Level Limits > Packet Capture > Event 1
0814203258|pcap |3|00|Successful RPCAP authentication 0814203259|pcap |3|00|Received RPCAP_MSG_OPEN_REQ 0814203259|pcap |3|00|Received RPCAP_MSG_STARTCAP_REQ 0814203259|pcap |3|00|Foreground Start event in Idle state 0814203259|pcap |1|00|RPCAP filter intruction: code=0x6 jf=0 jt=0 k=0x40000 0814203259|pcap |0|00|RPCAP data thread started 0814203259|pcap |3|00|Received RPCAP_MSG_UPDATEFILTER_REQ 0814203259|pcap |1|00|RPCAP filter intruction: code=0x28 jf=0 jt=0 k=0xc
Wireshark Error Message "Can't get list of Interfaces":
Using the functionality may cause this error
To resolve this use Explorer and browse to
%userprofile%\AppData\Roaming\Wireshark
and delete “recent” and “Recent_common”
Wireshark Capture ObiEdition VVX x50, Edge B, Poly VVX D230
- Browse to the IP address of the Phone
- Enter the username and password, the default is admin/admin
- System Management > Device Admin > Packet Capture > On
- Replicate the issue and then turn off the trace
- System Management > Device Update > Extracting PCAP Capture Result > Click on
Press Extract to Start Process
Wireshark Capture Obi Poly Rove Base Station
- Browse to the IP address of the Phone
- Enter the username and password, the default is admin/admin
- Platform > Diagnostic > Logging
- PCAP internal Tracing select the appropriate field.
Example Trace packets to/from this base (except Audio) - Select Save
- When the issue was duplicated or reproduced, select download traces from the current base station
Note: We can store/capture up to 18Mbytes of PCAP data
