question

SebastianH-0061 avatar image
0 Votes"
SebastianH-0061 asked JoshuaResch-2823 answered

Hyper-V promiscuous mode broken? - Win10 build 2004

Does anyone have Hyper-V promiscuous mode working with Windows 10 Enterprise - build 2004?

Promiscuous mode worked for me months ago running an older build of Windows 10 following this guide: https://cloudbase.it/hyper-v-promiscuous-mode/

So when I try to get my physical NIC (Default Switch) mirroring its traffic to my virtual machines network interfaces set to "destination" using the standard cmdlets I end up with no error message but it does not work either. Using the script provided on the article above I end up with the an error stating the ICS could not be modified.

 PS C:\Windows\system32> Set-VMSwitchPortMonitorMode -SwitchName "Default Switch" -MonitorMode Source
 Failed while modifying virtual Ethernet switch connection settings.
 **The automatic Internet Connection Sharing switch cannot be modified.**
 At C:\Users\USER\Documents\VMSwitchPortMonitorMode.psm1:68 char:25
 +                         throw $job.ErrorDescription
 +                         ~~~~~~~~~~~~~~~~~~~~~~~~~~~
     + CategoryInfo          : OperationStopped: (Failed while mo...ot be modified.:String) [], RuntimeException
     + FullyQualifiedErrorId : Failed while modifying virtual Ethernet switch connection settings.
 The automatic Internet Connection Sharing switch cannot be modified.


Any ideas? This is driving me nuts for two days now...... whatever I tried I failed.

EDIT: Also when I deselect NDIS Filter on the Switch Manager I encounter the same error messages stating the ICS Switch could not be modified.

windows-10-networkwindows-10-hyperv
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

IanXue-MSFT avatar image
0 Votes"
IanXue-MSFT answered IanXue-MSFT commented

Hi,
You could enable port monitoring in powershell following these steps

Set the Mirroring Mode of the capturing VM to Destination.

 Set-VMNetworkAdapter <name of the VM> -PortMirroring Destination

Enable Source Mirror Mode on the External port of the Virtual Switch the capturing VM is attached to.

 $A = Get-VMSystemSwitchExtensionPortFeature -FeatureMame "Ethernet Switch Port Security Settings"
 $A.SettingData.MonitorMode = 2
 Add-VMSwitchExtensionPortFeature -ExternalPort -SwitchName <name of the switch> -VMSwitchExtensionFeature $A

Or you could configure it in Hyper-V Manager refering to this link
https://docs.microsoft.com/en-us/archive/blogs/technet/mspfe/virtual-machine-network-monitoring-the-easy-way-with-hyper-v-in-windows-server-2012

According to the error message, you may also check if the ICS is enabled and the ICS service is running.

Best Regards,
Ian

· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Unfortunately I found no release information mentioned the change introduced to virtual switches.

1 Vote 1 ·

Hi, thanks for your reply!

Well, ICS seems to be enabled for sure. And it is probable the reason why I can not make the changes successfully.

Doing it the way you posted no error message appears but the Adapter is not changed. I also noticed a GUI error message on the Hyper-V Network Manager stating my NDIS Filter is not working properly on the default switch.

I was assuming ICS is enabled by default for Hyper-V NAT to work properly. I also installed a 1909 build but I get the same unable to modify ICS error.
I failed to stop ICS service.

0 Votes 0 ·

When were the changes to Hyper-V switching introduced? In Win10 build 1709?

In my case only the default switch cannot be modified. I attached a second NIC to my computer, configured as external Network Switch and mirroring its traffic to my VM works.

0 Votes 0 ·
m310400-7852 avatar image
0 Votes"
m310400-7852 answered m310400-7852 published

Hello

I've had the same problem, but the solution is...
It's just a way to erase the problematic switch and rebuild it.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JoshuaResch-2823 avatar image
0 Votes"
JoshuaResch-2823 answered

Step One
-FeatureMame should prob be FeatureName

Step two
If the VM is already connected to the NIC, you may have to shutdown the VM

Step 3
Rebuild the switch (Also requires VM shutdown)

Worked for us, best of luck

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.