How to capture Wireshark packets when using a switched network in Windows

Solution 1:

4. Configure a switch port to be a monitoring port.

This way you will get all traffic on that port. This Netgear model has this configuration option. It's called "port mirroring" on Netgear switches.

Solution 2:

Option # 1 is what I use most often when capturing traffic for specific ports or hosts. The hub essentially acts as a passive network tap allowing your laptop to see all the traffic sent/received by any of the hosts connected to the hub. You can get a hub here:

http://www.amazon.com/Netgear-EN104TP-4-Port-Ethernet-Uplink/dp/B00000J4M9/ref=sr_1_1?ie=UTF8&qid=1298388547&sr=8-1

Are the phones connected to a switch that's separate from the rest of the devices on your network or is everything plugged in to the same switch?

Edit:

I was going to suggest an option 4 as well, and I do carry a small switch set up for the purpose of port mirroring, but honestly if you have or can easily get a hub it's a lot less work.

Solution 3:

Option 4 is your best bet. You want to setup a port mirror of the ports that contain the SIP devices you want to monitor an then connect your laptop to the output port. That will tell the switch to mirror all packets from the originating port to the monitoring port so that you can do packet captures.

I'm not familiar with Netgear equipment but any managed switch can mirror ports to some extent (sometimes you are limited to the number of monitored ports). It should be in the documentation exactly how to do this.