port mirroring
following diagram is just for illustration purpose to give you an idea on port mirroring, lets assume computer that has wireshark running plugged into port 1 on switch and voip server plugged into port 2 on switch
first get terminal access to your switch(please note i covered only cisco switch for illustration purpose, do NOT run these commands on your switch and consult with your switch manufacturer first for correct commands syntax) and following are commands for port mirroring on my cisco switch (in above diagram):
config t
monitor session 1 source fastethernet 0/2
monitor session 1 destination fastethernet 0/1
this will send all information coming on port fa0/2 to the machine running wireshark on particular network.
Please note this guide is just for illustration purpose only and for all other vendors above commands do not apply.
Generally speaking, to capture all the voip traffic in your entire network, the switch interface(fa0/5 in diagram) that i really want to capture is the one facing to internet facing router because everybody goes through there to get outside and don't forget to save the configs, feel free to use wireshrak display or advanced display features to view sip traffic of your interest on particular network.