FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
omontanez
Staff
Staff
Article Id 192447
Description
This article describes how to decode G711 VoIP calls for voice troubleshooting.
Solution

Voice call has two legs.

To troubleshoot, analyze each leg to identify if there are voice problems in internal or outside FortiGate network.

omontanez_Apr01.jpg

1) Use the following command:

#diag sniffer packet [Int] ‘host [IP IPPBX]’ 6 0 l




2) Make a call from A user to B user (for troubleshooting purpose try that call will not be as longer than 10 seconds of duration including audio).

3) Convert .txt file to .pcap following next procedure using fgt2eth.exe tool.

4) Open file in Whireshark and select Call -> Telephony -> VoIP Calls.


omontanez_apr03.jpg



5) Find SIP messages invite (from A to B)  and 200OK/SDP (From B to A) it will contains SDP with codec and UDP ports that was used for RTP (audio).



omontanez_apr04.jpg


6) Invite (from A to B) in SDP field 'Media Description' shows port used for RTP from phone device side and codec proposed for it.


omontanez_apr05.jpg


7) 200OK/SDP  (from B to A) in SDP field 'Media Description' contains codec selected or supported by far end (it must be G711A(PCMA=0) or G711Mu(PCM=U) and RTP ports from FortiGate side.

 


omontanez_apr06.jpg

8) Once that RTP port from pone device and fortiGate has been found, apply filter in Whireshark for these ports.

 (udp.port == 40046) || (udp.port == 11304)

9) Select Telephony -> RTP -> RTP Streams.


omontanez_apr07.jpg


10) Select both and select 'analyze', after select first packet and click 'play streams'.



omontanez_apr09.jpg


Audio will be displayed and conversation is reproduced from one side (from A to B or B to A) or both simultaneously.



omontanez_[object Window]_apr10.jpg


Related Articles

Troubleshooting Tool: Using the FortiOS built-in packet sniffer

Contributors