capture vlan ID
Hello everyone I have wireshark ver 2.4.5 wincap 4.1.3
Intel nic e1d62x64 which should be match with the registry key MonitorMode in:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\00nn
.
When creating or modifying registry dword MonitorMode, set the dword value to one of the following options:
- 0 — disabled (Do not store bad packets, Do not store CRCs, Strip 802.1Q vlan tags)
- 1 — enabled (Receive bad/runt/invalid CRC packets. Leave CRCs attached to the packets. Do not strip VLAN tags and ignore packets sent to other VLANs as per normal operation.)
I configured 1
But I can not get the vlan ID when I run the wireshark. Ethernet II (VLAN tagged) is missing Is there any else missing?
Did you
Note You must restart Windows for the registry change to take effect.
Hello Jaap We already did but this was not resolve. I remembered having used "etherreal" and I found that option. Is there any dissector or something missing in wireshark?
I'm not familiar with Windows networking, so have little to add. There's certainly nothing missing in Wireshark in this area, other than proper interfacing with the netwok stack for capture. Maybe it's relevant to mention the OS version you're working on? This may help people on the right track.
Hello Jaap, We use Windows 7 professional
Did you ever get this sorted - I’m having same issue with two Intel nics in windows 10 and really want to get this working.
MacBook Pro OSX works immediately without any hacks!
can you please ask a new question, with the details of your environment?