Windows – Wireshark – VMWare : how to capture host traffic using wireshark in virtualmachine

debianvmwarewindowswireshark

I am try to capture the HTTP traffic from local server to remote server, but i cannot install directly wireshark on the machine because company's policy dont permit.
I am administrator so i install VMware debian VM an installed Wireshark.
The issue is i cannot spot the entire traffic from/to the host, i can only capture the HTTP packet from/to my virtual machine.

How can i configure the network adapter to see all the traffic from my PC to the web?

Some specs:

Host: Windows 8 , ethernet Controller Realtek PCIe GBE Family

VM: VMware® Workstation 12 Pro Version 12.1.1 build-3770994

Best Answer

This is the whole point of Virtual Machines - isolation.

I can't immediately tell you if you can capture the Host network traffic from a guest (e.g: using promiscuous mode), but it would help to know if you're using VMWare Workstation or VMWare Player.

An option would be to route your PC's traffic via the VM, which should also be against the company's policy and could be easy to get wrong...

I would recommend that you either

Just install Wireshark on the PC... you've already got VMWare and a VM, this would be arguably less of an infringement.
Find a hub (not switch) and a spare machine to put Wireshark on. Then put the switch between your PC and the wall, and hang the "Wireshark PC" off it too - reference. Again, this should be against the company's policy.

Best Answer

Related Solutions

Windows – Wireshark cannot see traffic from a VirtualBox guest on Windows 7

Wireshark: how to capture traffic between guest and host OS

Related Question