Mark Minasi's Tech Forum
Sign up Calendar Latest Topics
 
 
 


Reply
  Author   Comment  
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 896
Reply with quote  #1 
Trying to get/ understand the promiscuous mode in Hyper-V.

My issue appears to be in changing the switch mode from source to destination to none.

This is on Windows 10 right now, will test on Server 2012R2/ 2016.

Have port mirroring on the guests, from and to.
Code:

Set-VMNetworkAdapter "c-Kali - Attacker" -PortMirroring Source
Set-VMNetworkAdapter "c-Kali - Listener" -PortMirroring Destination


Enabled it on the external switch
Code:

$portFeature=Get-VMSystemSwitchExtensionPortFeature -FeatureName "Ethernet Switch Port Security Settings"
# None = 0, Destination = 1, Source = 2
$portFeature.SettingData.MonitorMode = 2
# To the the feature to a newly created switch
Add-VMSwitchExtensionPortFeature -ExternalPort -SwitchName External -VMSwitchExtensionFeature $portFeature

Assumed this would allow me to change the setting from source/ destination/ none, but it doesn't
Code:

# to change the VMswitch setting
set-VMSwitchExtensionPortFeature -ExternalPort -SwitchName External -VMSwitchExtensionFeature $portFeature


It throws an error
Code:

PS C:\Windows\system32> set-VMSwitchExtensionPortFeature -ExternalPort -SwitchName External -VMSwitchExtensionFeature $portFeature
set-VMSwitchExtensionPortFeature : The advanced feature "Ethernet Switch Port Security Settings" is not attached to a virtual switch or network adapter.
At line:1 char:1
+ set-VMSwitchExtensionPortFeature -ExternalPort -SwitchName External - ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Set-VMSwitchExtensionPortFeature], VirtualizationException
    + FullyQualifiedErrorId : InvalidParameter,Microsoft.HyperV.PowerShell.Commands.SetVMSwitchExtensionPortFeature
 
PS C:\Windows\system32> 


This is frustrating me a lot.

Correct command to see the state of the switch appears to be
Code:

get-VMSwitchExtensionPortFeature -ExternalPort -SwitchName External | select -ExpandProperty SettingData

As opposed to some of the other commands posted.

Going to try to continue with Hyper-V but suspect VMware will take over again...

The features appear disabled in the vSwitch Manager GUI.
If I enable them I blue screen every time!!!



__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
donoli

Senior Member
Registered:
Posts: 598
Reply with quote  #2 
Does the adapter support promiscuous mode?  Secondly, VMware starts it's own DHCP service which can be disabled. I don't known if that matters.
0
cj_berlin

Avatar / Picture

Senior Member
Registered:
Posts: 300
Reply with quote  #3 
Quote:
Originally Posted by wobble_wobble

Assumed this would allow me to change the setting from source/ destination/ none, but it doesn't
Code:
 # to change the VMswitch setting set-VMSwitchExtensionPortFeature -ExternalPort -SwitchName External -VMSwitchExtensionFeature $portFeature 


It throws an error
Code:
 PS C:\Windows\system32> set-VMSwitchExtensionPortFeature -ExternalPort -SwitchName External -VMSwitchExtensionFeature $portFeature set-VMSwitchExtensionPortFeature : The advanced feature "Ethernet Switch Port Security Settings" is not attached to a virtual switch or network adapter. At line:1 char:1 + set-VMSwitchExtensionPortFeature -ExternalPort -SwitchName External - ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (:) [Set-VMSwitchExtensionPortFeature], VirtualizationException + FullyQualifiedErrorId : InvalidParameter,Microsoft.HyperV.PowerShell.Commands.SetVMSwitchExtensionPortFeature PS C:\Windows\system32> 


This is frustrating me a lot.


Well, the error message spells it out: The feature is not yet attached to the vSwitch, therefore Set-* will not work (Set can only change what's already there). What you want is Add-VMSwitchExtensionPortFeature to attach the Security Settings feature to the vSwitch.


__________________
Evgenij Smirnov

My personal blog (German): http://www.it-pro-berlin.de/
My stuff on PSGallery: https://www.powershellgallery.com/profiles/it-pro-berlin.de/
0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 896
Reply with quote  #4 
Thought I had with this...
Quote:
Originally Posted by wobble_wobble

Enabled it on the external switch
Code:
 
$portFeature=Get-VMSystemSwitchExtensionPortFeature -FeatureName "Ethernet Switch Port Security Settings"
# None = 0, Destination = 1, Source = 2
$portFeature.SettingData.MonitorMode = 2
# To the the feature to a newly created switch
Add-VMSwitchExtensionPortFeature -ExternalPort -SwitchName External -VMSwitchExtensionFeature $portFeature




The help section offers the following example and I added monitor.mode
Which is allowing the Wireshark VM see the physical traffic from the host.

get -help Add-VMSwitchExtensionPortFeature -examples

...

SYNOPSIS
Adds a feature to a virtual network adapter.


Example 1

PS C:\>$feature = Get-VMSystemSwitchExtensionPortFeature -FeatureName "Ethernet Switch Port Security Settings"
PS C:\>$feature.SettingData.EnableDhcpGuard = $true
PS C:\>$feature.SettingData.EnableRouterGuard = $true
PS C:\>Add-VMSwitchExtensionPortFeature -VMName VM2 -VMSwitchExtensionFeature $feature

Adds a feature to virtual machine VM2. The feature here is a port security feature supported by the extension Microsoft Virtual Ethernet Switch Native Extension.


__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 896
Reply with quote  #5 
Just had a thought and it may not be an option on Windows 10
Will check Server 2016.

__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation:

Easily create a Forum Website with Website Toolbox.