Security Onion - VMware ESXi Configuration
1,567 views
Skip to first unread message
Eric K
May 18, 2017, 6:32:41 PM5/18/17
to security-onion
Sorry if this is more of an ESXi question, but I haven't been able to find anything yet on how to configure ESXi with Security Onion. I figured someone may have already got this working with their Security Onion deployment.
I am using the free version of ESXi 6.5. I've installed Security Onion. I have two physical Nic's on my ESXi server. Is there a way to configure ESXi to monitor traffic on my second NIC? I have two virtual switches each connected to a NIC. I created separate port groups attached to each virtual switch. I have Security Onion connected to each port group/virtual switch. Under security I've allowed promiscuous mode. Unfortunately I can't see non-broadcast traffic on the monitored network. I have a network tap connecting the physical NIC between my firewall and core switch. I used Wireshark to verify the tap is working. Any ideas would be appreciated!
Sorry for the OT post.
Thank You,
Eric
Wes Lambert
May 21, 2017, 8:36:07 AM5/21/17
to securit...@googlegroups.com
Eric,
I see you've maybe gotten a little further:
Are you still having issues with this? I have to admit, my experience with ESXi is pretty limited. Is this just for a home lab? Have you considered using Virtualbox or VMWare Workstation?
Thanks,
Wes
--
Follow Security Onion on Twitter!
https://twitter.com/securityonion
---
You received this message because you are subscribed to the Google Groups "security-onion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to security-onion+unsubscribe@googlegroups.com.
To post to this group, send email to security-onion@googlegroups.com.
Visit this group at https://groups.google.com/group/security-onion.
For more options, visit https://groups.google.com/d/optout.
Eric K
May 22, 2017, 12:15:12 PM5/22/17
to security-onion
I was able to get this working eventually. I re-ran the setup again and things started working.
Thanks!
Eric
Alberto Rodriguez
Oct 6, 2018, 6:07:59 AM10/6/18
to security-onion
Eric,
How did you fix it? I am having the same issue you were speaking about :(
How did you fix it? I am having the same issue you were speaking about :(
Reply all
Reply to author
Forward
0 new messages