The tcpdump tool is the main troubleshooting tool of Avaya SBC and captures network traffic. Using tcpdump is a reliable way to analyze the information arriving at and sent from Avaya SBC. However, tcpdump has its own limitations, which can make troubleshooting difficult and time-consuming. This traditional tool is not useful for handling encrypted traffic or for real-time troubleshooting.
You can use tcpdump to capture packets from the CLI if you need to capture more than 10000 packets. After the captures are taken, ensure that you stop the command.
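A CLI capture that stops by itself once a packet or time limit is reached, as an added example that is not taken from the Avaya documentation. It assumes `timeout` is available on the host; the interface name `A1`, the output path and the limits in the usage comment are placeholder values.

```shell
#!/bin/sh
# Added example: a tcpdump capture bounded by packet count and by time,
# so it cannot be left running by accident.
# Assumed, not from the page: `timeout` is installed; interface name,
# output path and limits are placeholders chosen by the operator.

# bounded_capture IFACE OUTFILE MAX_PACKETS MAX_SECONDS
# With DRY_RUN=1 the command line is printed instead of executed.
bounded_capture() {
    iface=$1 outfile=$2 max_packets=$3 max_seconds=$4

    # Limits must be plain positive integers without leading zeros.
    for n in "$max_packets" "$max_seconds"; do
        case $n in
            ''|*[!0-9]*|0*) echo "limit must be a positive integer: $n" >&2; return 2 ;;
        esac
    done
    # Interface names are restricted to a safe character set.
    case $iface in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface name: $iface" >&2; return 2 ;;
    esac

    # -c ends the capture after MAX_PACKETS; timeout ends it after
    # MAX_SECONDS, whichever comes first. -s 0 keeps whole packets,
    # -n skips name resolution.
    set -- timeout "$max_seconds" tcpdump -n -s 0 -i "$iface" -c "$max_packets" -w "$outfile"

    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "$*"
        return 0
    fi
    # Capture files contain live traffic: create them owner-readable only.
    ( umask 077 && "$@" )
}

# Usage (placeholder values):
#   DRY_RUN=1 bounded_capture A1 /tmp/sbc.pcap 50000 300
```

When the time limit ends the capture, `timeout` returns exit status 124; tcpdump still closes the output file cleanly.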
SIP and PPM traffic is encrypted, especially in Remote Worker configurations. Checking encrypted traffic with a network capture is difficult and time-consuming. The delay occurs because the unencrypted private key of the Avaya SBC is needed to decrypt the TLS and HTTPS traffic.
For packet captures started through the GUI, the output files are stored in /archive/pcapfiles/IPCS2.