MX Packet Capture?

Here to help

MX Packet Capture?

I need to do a packet capture for voice traffic from a couple VpIP phones from site A to site B.  Only one of the sites has a PRI for outgoing calls so all the traffic for branch offices goes over WAN.  The internal extension dialing has been hit/miss so I want to do a packet capture on the MX64 as well as site B MX64.  Is it as simple as configuring a packet filter for host at each site to capture that traffic? 

Kind of a big deal

I would pull the whole pcap, drop it into Wireshark, and perform your filtering there. Sometimes you'll get funky results when you try to filter using the dashboard.

Kind of a big deal


Meraki Alumni (Retired)

You can always filter the traffic with the following rules, please note that the maximum packet capture duration is 432000 seconds, the capture will stop after 60 seconds, or when 5000 packets have been captured.


packets to and from ip address
host and port 80
packets to and from ip address and TCP or UDP port 53 (DNS)
icmp[icmptype] != icmp-echo and icmp[icmptype] != icmp-echoreply
all ICMP packets that are not echo requests/replies (i.e., not ping packets):
ether host 11:22:33:44:55:66
packets to and from ethernet host 11:22:33:44:55:66


It is always preferred to run the packet capture without the dashboard filters and use Wireshark filter when we want to check inside header values (i.e. caller and calling station id in radius packets) 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.