Solved

vmware port

Posted on 2013-11-19
7
357 Views
Last Modified: 2013-12-04
I have a virtual server and I'd like to capture traffic going to that virtual server. How do I span the port on my Cisco switch. I am not onsite so I do not know the port where the physical server is connected to. Any ideas? Thx
0
Comment
Question by:leblanc
  • 3
  • 2
  • 2
7 Comments
 
LVL 12

Assisted Solution

by:Infamus
Infamus earned 166 total points
Comment Utility
Do you have access to the server, for example, like RDP?

If you can, then you can install wireshark and capture the traffic, otherwise you need to find a switchport where the vm host is connected.  In that case, you will be capturing all the traffic going to the vm host.
0
 
LVL 1

Author Comment

by:leblanc
Comment Utility
Is it possible to capture the port where the virtual server is connected to? I am not sure how that will work?
0
 
LVL 57

Accepted Solution

by:
giltjr earned 334 total points
Comment Utility
You need to find the MAC address of the physical server and then look at the mac address table.

However, how/where are you going to SPAN the traffic if you don't have physical access to the switch?

Just to make sure if you do span the port you will capture ALL traffic to that physical server, not just the traffic to that VM.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 1

Author Comment

by:leblanc
Comment Utility
This is what I have:
- I can access the switch
- I know the MAC and IP address of the physical server where the virtual server resides.
- I know the switch port where the physical server is connected to.
- I know the MAC address of the virtual server.

I just want to capture the traffic to the virtual server, not the whole physical server. It has to have a way to do this. Thx
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 334 total points
Comment Utility
Span session only know ports.  So all traffic going in/out of the port is mirrored.

If you have the correct access to the ESXi host you can capture traffic there using TCPDUMP.


http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1031186

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1000880
0
 
LVL 1

Author Comment

by:leblanc
Comment Utility
I am not allow to have access to the ESXi host... Politics... :)
I will just capture the port where the physical server is connected to and setup the filter on the virtual server. Thx
0
 
LVL 12

Expert Comment

by:Infamus
Comment Utility
Let us know how it went.
Good luck.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
MAC Needs 2 Domains 2 42
Backup UPS - email alert 3 81
VLAN question 7 42
WiFi Blackspot within home network 7 34
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now