Agent-IC - How to Verify Port Forwarding is Working

This application note will describe how to use Wireshark and a Sharktap to verify that port forwarding has been set up correctly at the firewall.

Wireshark is a powerful freeware tool that allows in-depth analysis of IP connections. It can be downloaded here:


A Sharktap is a useful hardware interface designed to be used with Wireshark to monitor traffic on a single link. More info on the Sharktap here:

Alternatively, port mirroring can be set up on a manged switch to achieve the same result as the Sharktap.

In order for Agent-IC to work using public internet, a port on the firewall must be opened. The default port is 6001, and a port forwarding rule needs to be in place to forward traffic on port 6001 to the internal address of the IVC-32 card, or the IVC port on the E-IPA card. 6001 is just the default, and other unused ports may be used if necessary. If the default port is changed, it must be changed in the Agent-IC settings on the mobile device, and also in EHX. In the example below, we will use port 6002.

When you open Wireshark, it will take you to this page:

It’s important to select the correct interface. In this case, the Sharktap is Ethernet 5. Double clicking Ethernet 5 on this screen will select Ethernet 5 and also start the capture. Wireshark will switch to the capture screen:

Wireshark captures all traffic on the link, and without applying a filter, as seen above, the traffic we are interesting in is hard to find. So the next step is to apply a display filter, so we only see the relevant traffic.

In this case, we will use the following filter:

tcp.port==6002 or udp.prt==6002

This filter restricts to the display to UDP or TCP traffic with a destination port of 6002. Remember to click the blue arrow to activate the filter. Wireshark indicates the filter syntax is correct by turning the filter box green.

Once this filter is applied, we take a new capture:

If you see this blank screen, it indicates no traffic is present on the link destined for port 6002. This will prevent Agent-IC from working.

However, if you see this:

this indicates the port forwarding is working properly.

You can see the public IP address of the router,, forwarding packets to the internal address of the IVC card, The Agent-IC ap uses TCP to set up the link, and UDP thereafter for audio.

Clear-Com V-Panels, LQ, and IVC directs also make use of this same port forwarding in order to operate correctly.