NetFort Tips & Tricks - How to monitor a virtual switch without enabling promiscuous mode

  • 1
  • Idea
  • Updated 5 years ago
  • (Edited)
For customers who want to use LANGuardian to monitor traffic inside a local VMware ESX server, we usually recommend activating promiscuous mode on the virtual switch because it is the easiest way to ensure LANGuardian can capture the traffic flowing through the switch. One of our customers recently asked if it is possible to capture internal ESX traffic without enabling promiscuous mode. The answer is yes, it is possible by using VLAN ID 4095.

VLAN ID 4095 is a special VLAN that is reserved for network monitoring. Assigning VLAN ID 4095 to the ESX virtual switch whose traffic you want to monitor ensures that LANGuardian can capture the traffic flowing through the virtual switch -- without promiscuous mode being activated on the switch.

If you have questions about monitoring traffic in VMware networks, or on any aspect of LANGuardian, please contact us on support@netfort.com any time.
Photo of Aisling Brennan

Aisling Brennan, Official Rep

  • 389 Posts
  • 8 Reply Likes

Posted 5 years ago

  • 1

Be the first to post a reply!