NIC Test Failed

Discussion in 'Capsa Network Analyzer' started by DanSluga, Jul 9, 2008.

Thread Status:
Not open for further replies.
  1. DanSluga
    Offline

    DanSluga Registered Member

    I am using ColaSoft Capsa 6.8 (and also tried it on 6.7).

    When I set up the initial project it performs a NIC test. That test fails on my DELL poweredge 1900 with a Broadcom BCM5708C NetExtreme II GigE NIC Card. The exact error is "Primuscuous capture test of one or more adapters failed, please read the help for more details". I cannot find any information about this in the help.

    That said, I am not able to save email messages. I assume that is related to the above problem.

    Thanks in advance for you assistance.

    DSLUGA
  2. DanSluga
    Offline

    DanSluga Registered Member

    OK. I got the email portion working.

    For anyone interested. If you run Exchange 2007 through a smarthost (Send Connector) it will automatically encrypt the traffic with TLS. For Capsa to work properly you'll need to disable the TLS handshake (prevent encryption) with the following command (Run this in the Exchange Management Shell)

    set-sendconnector "<name of connector>" -ignorestarttls $true

    You probably want to then turn ON TLS encryption when you are finished monitoring the traffic:

    set-sendconnector "<name of connector>" -ignorestarttls $false

    DSluga

    p.s. I still have the problem with the NIC Promiscuous Mode however I thought it was related to the email problem so I don't necessarily need to get that fixed.
    Last edited: Jul 9, 2008
  3. Colasoft Support
    Offline

    Colasoft Support Colasoft Moderator

    Well, two points in your post.

    1) Can not save email messages, which you have solved yourself.
    2) Promiscuous test failure. Let me explain this.
    You got it simple because you didn't use port mirroring or tap in any traffic destined for other machines.

    Here is the explanation:
    Capsa is designed to analyze the network traffic rather than your own machine, which means it has to be able to accept all the traffic in the network even the messages for others.
    If your NIC is not working in promiscuous mode, it discards information destined to others and you will not receive them, no mention analyze them.
    Actually after you have capsa installed, your NIC has already working in Promiscuous.
    It is just a test, by checking whether there is any incoming traffic accepted is for others. If yes, then Promiscuous. If no, then what you've got.

    However, if you merely would like to analyze your local traffic, or you have capsa installed in the mail server, then, whether it works in Promiscuous mode really matters nothing.
    Last edited: Jul 9, 2008
Thread Status:
Not open for further replies.