VMWare Workstation Player/Pro Installation Guide: Difference between revisions

This guide describes how the Allegro Network Multimeter Virtual Edition can be set up with VMWare Workstation. The Allegro Virtual Edition is designed for 2 use cases. It can analyze [[Parallel Packet processing|pcap captures]] or [[Ring Buffer Configuration Guide|packet ring buffers]] of unlimited size for forensic investigation or it can analyze live traffic from virtual machines by a virtual Mirror Port or [[ERSPAN Installation|ERSPAN]].

This guide requires a VMWare Workstation Player or Pro. 15.5.2 or newer. Please note that the non-commercial version (VMWare Workstation Player) also works with Allegro Virtual Edition if you are testing it for personal use only. Please review the license restrictions of the VMWare Workstation Player.

Please contact [https://allegro-packets.com/en/contact Allegro] or your reseller to download the current Allegro Virtual Edition installation zip archive.

Please extract the zip archive. It should contain the 3 files “allegro-multimeter.ovf”, “allegro-multimeter.vmdk” and “allegro-multimeter-virtualbox.ovf”. 

Now specify the location on your disk, set a name and import the VM.

The Allegro Virtual Edition is being imported. Once this is done, you can edit the settings of the VM. Please note that the first interface is used for the Management Access and requires a network with DHCP server. The second network port is used as data plane. The Allegro Virtual Edition analyzes all traffic on this network port. By default, both ports are bridged to your local network. You can change the first port to NAT to allow only access from your local PC. You can also change the settings later at any time.

If the Allegro Virtual Edition is shipped with an USB License dongle, plug the dongle into an unused USB port of the VM host. The dongle must be connected to the virtual machine. When powered off, edit the settings of the VM and add the USB dongle to it. Please select a “Feitian HID Dongle” or similar.

Please follow the [[VMWare ESXI Installation Guide#Initial startup]]. The Startup is identical for ESXI and Workstation.

Please enable the promiscuous mode for the second port if you would like to analyze all incoming packets. As of now, this configuration cannot be done in the VMWare Workstation GUI and it does not work for all physical interfaces.

Please navigate to your directory of the VMWare (by default: Documents\Virtual Machines) and edit the vmx file. There add the line: "ethernet1.noPromisc = "FALSE"

When powered off, edit the settings of the virtual Machine and add press the "Add..." Button.

Then select new disk or use an existing one.

If you have selected a new disk, set the size in the next dialogue.  

Now review the configuration and finish it. Once it is done, please start the Allegro Virtual Edition.

Please note that a real-time capture of packets require high write rates to your storage device. Please use dedicated disks for the ring buffer to avoid performance issues on other virtual machines.

The Allegro Virtual Edition supports the VMware '''Encapsulated remote mirroring (L3) source''' with the [[ERSPAN Installation|ERSPAN Mode]]. You can set up an IP address on the capture port and send encapsulated packets to the Allegro. Please see the Vsphere documentation center for Encapsulated remote mirroring (L3) source.