Unable to capture packets in ESXi Guest
Hi, We are tying to capture packets on the network interface of our ESXi Guest, this Guest it used for Citrix. The server is hosted in IaaS so we don't have added to the network configurations, that are in vCenter.
- OS Windows 2008
- ESXi 6.5 i believe.
- NIC vmxnet3 Ethernet Adapter
- Wireshark 3.0.3
- NpCap 0.995
- Citrix XenApp 6.5
I was under the impressions that as we only interested in the packets our VM's network interface and not sniffing the network we would not need promiscuous mode. We are not able to launch the capture, it errors
With promiscuous on: "The capture session could not be initiated on interface '\device\NPF_{DD2F4800-)DEB-4A98-A302-0777CB955DC1}' failed to set hardware filter to promiscuous mode.
With promiscuous off: "The capture session could not be initiated on interface '\device\NPF_{DD2F4800-)DEB-4A98-A302-0777CB955DC1}' failed to set hardware filter to non-promiscuous mode.
The one item that stands out to me is Capture > Options > Input Tab > Link-Layer Header For the VM NIC is listed as Unknown.
what could I have missed ?
Hi. Have you tried winpcap for kicks? Are you running Wireshark with Admin rights?