Solved: Re: Vsphere - Promiscuous Mode?

mactechnogeek · ‎03-12-2014

I have a VM that runs in the Vsphere Hypervisor. I am attempting to install a VPN utility (SoftEther) that requires the network adapter to be set in Promiscuous mode. After reviewing ESXI documentation, it tells me to go the "Configuration" tab, but that tab is missing.

Is it possible for me to configure my network adapter as such? I called tech support and they pointed me here.

mactechnogeek · ‎03-12-2014

I was able to download the command line tool (esxcli) and that allowed me to set promiscuous mode. It was not trivial to figure this out, but at least I got around it. For anyone else running into this problem, you can do something like this:

To list interfaces /ports

esxcli --server IPADDRESS --username USER --password PASSWORD network ip interface list

My switch was vSwitch0 after running this.

To check the policy:

esxcli --server IPADDRESS --username USER --password PASSWORD network vswitch standard policy security get -v vSwitch0

To set the policy:

esxcli --server IPADDRESS --username USER --password PASSWORD network vswitch standard policy security set -f true -m false -p true -v vSwitch0

View solution in original post

mactechnogeek · ‎03-12-2014

I was able to download the command line tool (esxcli) and that allowed me to set promiscuous mode. It was not trivial to figure this out, but at least I got around it. For anyone else running into this problem, you can do something like this:

To list interfaces /ports

esxcli --server IPADDRESS --username USER --password PASSWORD network ip interface list

My switch was vSwitch0 after running this.

To check the policy:

esxcli --server IPADDRESS --username USER --password PASSWORD network vswitch standard policy security get -v vSwitch0

To set the policy:

esxcli --server IPADDRESS --username USER --password PASSWORD network vswitch standard policy security set -f true -m false -p true -v vSwitch0

King_Robert · ‎03-12-2014

When promiscuous mode is enabled at the portgroup level, objects defined within that portgroup have the option of receiving all incoming traffic on the vSwitch. Interfaces and virtual machines within the portgroup will be able to see all traffic passing on the vSwitch, but all other portgroups within the same virtual switch do not.

When promiscuous mode is enabled at the virtual switch level, all portgroups within the vSwitch will default to allowing promiscuous mode. However, promiscuous mode can be explicitly disabled at one or more portgroups within the vSwitch, which override the vSwitch-defined default.

Log into the ESXi/ESX host or vCenter Server using the vSphere Client.
Select the ESXi/ESX host in the inventory.
Click the Configuration tab.
In the Hardware section, click Networking.
Click Properties of the virtual switch for which you want to enable promiscuous mode.
Select the virtual switch or portgroup you wish to modify and click Edit.
Click the Security tab.
From the Promiscuous Mode dropdown menu, click Accept.

mactechnogeek · ‎03-12-2014

Thanks, but I don't have the "Configuration" tab. Is it because I am running the free VSphere version?

a_p_ · ‎03-12-2014

The Configuration tab is available in all editions, even the free one. Make sure you select the host in the inventory in the left pane.

André

mactechnogeek · ‎03-12-2014

Interesting. The only tabs I see after clicking on the server in the inventory section are:

Getting Started, Summary, Resource Allocation, Performance, Events, Console and Permissions

Am I in the wrong spot?

a_p_ · ‎03-12-2014

It looks like you selected a virtual machine in the library, rather than the ESXi host.

André

mactechnogeek · ‎03-12-2014

Yep, you're right. I could have sworn I looked at that 10x. Now I see it. Well, at least I learned how to do it the hard way (with command line) in the process.