Configuring External Network Traffic with the VMware vSphere Standard Switch (Promiscuous Mode/RSPAN)

Configure network settings in VMware vCenter to allow Virtual Network Sensor to monitor data.

Important:

The following instructions are valid as of June 2023.

  1. Sign in to the VMware vCenter console using an admin account, and then click the tab.
  2. Right-click the IP address for your server and select Add Networking...
  3. On the Select connection type screen, select Virtual Machine Port Group for a Standard Switch and click NEXT.
  4. On the Select target device screen, select New standard switch and specify 1600 for MTU.
  5. Click NEXT.
  6. On the Create a Standard Switch screen, click + and select a NIC.
  7. Click OK.
  8. On the Connection settings screen, type Data Network in the Network label field and select All (4095) for the VLAN ID.
  9. Click NEXT.
  10. On the Ready to complete screen, review your settings and click FINISH.
  11. Click the tab.
  12. Go to Configure > Networking > Virtual switches.
  13. Find the switch you just created and click EDIT.
  14. Go to Security, and select Reject for Promiscuous mode, MAC address changes, and Forged transmits.
    Note:

    Send the network traffic you want to scan to the data port. The following instructions use promiscuous mode to enable Virtual Network Sensor to scan your network traffic.

  15. Click OK.
  16. Click the name of the switch you just created.
  17. Click next to Data Network and select Edit Settings.
  18. Go to Security, and select Override and Accept for Promiscuous mode.
  19. Select Reject for MAC address changes and Forged transmits, and click OK.
Parent topic: Deploying a Virtual Network Sensor with VMware vCenter