Capture traffic using virtual machine
Posted on 2010-09-21
I'm trying to use a virtual environment to capture traffic from a real switch but I have problems with the traffic that the virtual NIC is able to see...
The environment is the following:
I have a server with four NICs running windows 2008 R2 and Hyper-V. I use one NIC to manage the server.
I have started with one virtual machine running windows 2008 R2 and wireshark to capture traffic. The virtual machine has two NICs configured, one to manage and other to capture the traffic, both are connected to different real NICs.
When I try to capture traffic through the interface connected to the real NIC connected to the switch port, I can't see all the traffic... I don't know if it's not possible or if I need to configure something in the virtual machine to allow this feature...
Thanks in advanced.