How can I use pfSense to capture packets and forward all traffic to the nic on a VM?

asked 2021-12-05 07:06:25 +0000

Mr.Schark gravatar image

I'm trying to capture all traffic on my network and analyze it using Wireshark on a VM. I've heard that pfSense is capable of being configured to run in promiscuous mode. I have multiple nics on a Windows Server VM that I want to send the traffic/captures to. What settings do I need to configure on pfSense and the server side in order to make this happen?

edit retag flag offensive close merge delete


This seems to be a pfSense question and not a Wireshark one. Probably best followed up in a pfSense support forum.

grahamb gravatar imagegrahamb ( 2021-12-05 18:34:16 +0000 )edit

Awesome, once again you guys have proved my theory. Thank you so much.

Mr.Schark gravatar imageMr.Schark ( 2021-12-06 01:07:53 +0000 )edit

If it involves using wireshark it should be under the umbrella. Thanks again.

Mr.Schark gravatar imageMr.Schark ( 2021-12-06 01:09:42 +0000 )edit

Just mentioning Wireshark doesn't make it a Wireshark question. Wireshark will capture the traffic on whatever interfaces you point it to. Arranging that the required traffic is presented on those interfaces isn't a Wireshark question and depends entirely on the host OSs, virtualization software, virtual switches etc.

grahamb gravatar imagegrahamb ( 2021-12-06 09:00:47 +0000 )edit