atcomsystems.ca/forum
Posted By: Bushmills wireshark set up for 7100 - 05/13/15 07:51 PM
Hi Folks,

Can anybody help me with setting up wireshark to capture the SMTP session packets from a 7100?

We're having an issue with email gateway. It looks like it is the SMTP session request is getting rejected by the ISP's SMTP server according to the activity log in the DM.

What I'm looking to do, and having no luck with, is capturing the SMTP session request from the 7100.

I've tried using wireshark wide open in promiscuous mode but it doesn't show any traffic when it tries to send the mail.

I can see traffic when using the DM, so I know that it is visible on the network, and the DM activity log shows a response from the SMTP server so I know that the router/firewall isn't getting in the way.

Thanks in advance!

-Will
Posted By: JBean3329 Re: wireshark set up for 7100 - 05/13/15 08:05 PM
Try looking at the error log. It lists a little more info when an email fails to send than the activity log does, such as response codes and reasons (failed authentication for example)and may be more helpful without resorting to Wireshark, which may not tell you anything at all.
Posted By: Bushmills Re: wireshark set up for 7100 - 05/13/15 08:23 PM
It gives just a 501 error which apparently is a kind of generic authentication error. That's why I'm hoping to actually see what information is being sent in the session request.

Posted By: nameless Re: wireshark set up for 7100 - 05/13/15 08:40 PM
Try typing debug on the port activity screen.
This will make it show lots more information
Posted By: Bushmills Re: wireshark set up for 7100 - 05/13/15 09:24 PM
@nameless,

I cannot seem to find a port activity screen. Are you referring to Wireshark or the DM?

What I really don't get is why there is no visible network activity when the 7100 is trying to send the email.

-W
Posted By: Genesiscomm Re: wireshark set up for 7100 - 05/13/15 11:40 PM
The port activity screen for the 7100 is accessed via telnet. As far as wiresharking the system I either mirror the switch port if using a managed switch or I carry an old hub if there isn't a managed switch.
Posted By: Scorpion Re: wireshark set up for 7100 - 05/15/15 08:41 AM
I would also recommend using a Mirror switch. Always handy to carry on you.
Posted By: Bushmills Re: wireshark set up for 7100 - 05/25/15 10:20 PM
Thanks all. I ended up putting a second nic in the computer and bridging the two connections in windows. Worked a treat.

Cheers,

Posted By: micky Re: wireshark set up for 7100 - 06/03/15 02:33 PM
I always carry one of these in my bag:

https://dual-comm.com/port-mirroring-LAN_switch.htm

USB powered as well so no need to look for a power outlet, and the PT version passes PoE through too.
© Sundance Business VOIP Telephone Help