Hello,
I am trying to enable promiscuous mode on a vSwitch
One of the steps to achieve that is to enable the switch extension: Microsoft NDIS Capture
However when I do this I see:
The selected extension is not operating correctly. Check the Event Logs for further information
There are no errors in the EventLogs
Would appreciate troubleshooting suggestions
Thanks
VW
Hello Anne,
I have found the solution.
The issue on the Server 2016 system was not the error message in relation to the NDIS Capture Extension; that message can be ignored (at least if there are no errors reported in the Event Log).
The issue was that on Server 2016, by default other extensions are enabled on the 'Mirror-port' vSwitch, and these extensions need to be disabled so that the only extension that is enabled is the NDIS Capture Extension.
Regards,
VW
Hi,
As far as I know, if the Source VM and the Monitoring VM connect to the same virtual switch, and we configure the VM in the Settings below, we do not need to enable the NDIS Capture extension on the Virtual Switch.
Below is the link about how to configure port monitoring:
https://cloudbase.it/hyper-v-promiscuous-mode/
(Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.)
Thanks for your time!
Best Regards,
Anne
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hello Anne,
I have installed HyperV on a second box running Windows Server 2012
On this box I was able to configure the HyperV VM as per the blog article below and I did not encounter the issue with the NDIS Capture Extension.
And on the VM on this box, promiscuous mode works as expected.
So this confirms that on the other system where I encountered the error with the NDIS Capture Extension; that is why promiscuous mode is not working in the VM.
Ideally it would be good if we could identify the reason for the error with the NDIS Capture Extension
Regards
VW
Hello Anne,
Thank you for responding.
Unfortunately I have already found that article and tried their proposed approach. Which didn't work for me. I then sent the author a question, but he has not responded.
I have since found another blog post how-to-deploy-websense-in-stand-alone-mode-on-a-hyper-v-virtual-machine-hyperv-websense
Unfortunately I've not been able to get this approach to work either. But I have been able to communicate with the blog author; and the NDIS Capture Extension is required with this approach.
And after closely comparing my configuration with the posted configuration; it seems that the only difference (and likely reason for the port mirroring not working in HyperV) is the error with the NDIS Capture Extension.
I can port mirror fine, using the NIC outside of HyperV
Regards,
VW
7 people are following this question.
