Windows G-vTAP Agent Installation

Windows G-vTAP Agent allows you to select the network interfaces by subnet/CIDR and modify the corresponding monitoring permissions in the configuration file. This gives you more granular control over what traffic is monitored and mirrored.

VXLAN is the only supported tunnel type for Windows G-vTAP Agent.

Windows G-vTAP Agent Installation Using MSI Package

To install the Windows G-vTAP Agent using the MSI file:

  1. Download the Windows G-vTAP Agent 6.2.00 MSI package from the Gigamon Customer Portal. For assistance contact Contact Technical Support.
  2. Install the downloaded MSI package as Administrator and the G-vTAP Agent service starts automatically.
  3. Once the G-vTAP package is installed, modify the file C:\ProgramData\Gvtap-agent\gvtap-agent.conf to configure and register the source and destination interfaces.

    Note:  If you make any changes to the GvTAP agent config file after the initial setup, you need to restart the agent and refresh or synchronize the inventory from GigaVUE-FM to reflect the changes and start traffic mirroring again. However, if you have an ongoing monitoring session that is active and functioning well, modifying the GvTAP config file can cause traffic to be lost until GigaVUE-FM performs an automatic synchronization every 15 minutes.


    Following are the rules to modify the G-vTAP configuration file:
    • Interface is selected by matching its CIDR address with config entries.
    • For the VMs with single interface(.conf file modification is optional):
      • if neither mirror-src permissions is granted to the interface, both mirror-src-ingress and mirror-src-egress are granted to it.
      • mirror-dst is always granted implicitly to the interface.
    • For the VMs with multiple interfaces:
      • mirror-dst needs to be granted explicitly in the config file. Only the first matched interface is selected for mirror-dst, all other matched interfaces are ignored.
      • if none interfaces is granted any mirror-src permission, all interfaces will be granted mirror-src-ingress and mirror-src-egress.

    Example 1— Monitor ingress and egress traffic at interface 192.168.1.0/24 and use the same interface to send out the mirrored packets.

    192.168.1.0/24  mirror-src-ingress mirror-src-egress mirror-dst

    Example 2— Monitor ingress and egress traffic at interface 192.168.1.0/24 and use the interface 192.168.2.0/24 to send out the mirrored packets.

    192.168.1.0/24   mirror-src-ingress mirror-src-egress

    192.168.2.0/24   mirror-dst

  4. Save the file.
  5. To enable the third-party orchestration, a configuration file C:\ProgramData\Gvtap-agent\gigamon-cloud.conf needs to be created with the following contents:

    Registration:
    	groupName: <Monitoring Domain Name>
    	subGroupName: <Connection Name>
    	user: <username>
    	password: <password>
    	remoteIP: <controller list IP addresses separated by comma>
    	remotePort: 8891
  6. To restart the Windows G-vTAP Agent, perform one of the following actions:
    • Restart the VM.
    • Run 'sc stop gvtap' and 'sc start gvtap' from the command prompt.
    • Restart the G-vTAP Agent from the Windows Task Manager.

You can check the status of the G-vTAP Agent in the Service tab of the Windows Task Manager.

Note:  You must edit the Windows Firewall settings to grant access to the gvtap process. To do this, access the Windows Firewall settings and find “gvtapd” in the list of apps and features. Select it to grant access. Be sure to select both Private and Public check boxes. If “gvtapd” does not appear in the list, click Add another app... Browse your program files for the gvtap-agent application (gvtapd.exe) and then click Add. (Disclaimer: These are general guidelines for changing Windows Firewall settings. See Microsoft Windows help for official instructions on Windows functionality.)

Windows G-vTAP Agent Installation Using ZIP Package

To install the Windows G-vTAP Agent using the ZIP package:

  1. Download the Windows G-vTAP Agent 6.2.00 ZIP package from the Gigamon Customer Portal. For assistance contact Contact Technical Support.
  2. Extract the contents of the .zip file into a convenient location.
  3. Run ‘install.bat’ as an Administrator and the G-vTAP Agent service starts automatically.
  4. Once the G-vTAP package is installed, modify the file C:\ProgramData\Gvtap-agent\gvtap-agent.conf to configure and register the source and destination interfaces.

    Note:  If you make any changes to the GvTAP agent config file after the initial setup, you need to restart the agent and refresh or synchronize the inventory from GigaVUE-FM to reflect the changes and start traffic mirroring again. However, if you have an ongoing monitoring session that is active and functioning well, modifying the GvTAP config file can cause traffic to be lost until GigaVUE-FM performs an automatic synchronization every 15 minutes.


    Following are the rules to modify the G-vTAP configuration file:
    • Interface is selected by matching its CIDR address with config entries.
    • For the VMs with single interface(.conf file modification is optional):
      • if neither mirror-src permissions is granted to the interface, both mirror-src-ingress and mirror-src-egress are granted to it.
      • mirror-dst is always granted implicitly to the interface.
    • For the VMs with multiple interfaces:
      • mirror-dst needs to be granted explicitly in the config file. Only the first matched interface is selected for mirror-dst, all other matched interfaces are ignored.
      • if none interfaces is granted any mirror-src permission, all interfaces will be granted mirror-src-ingress and mirror-src-egress.

    Example 1— Monitor ingress and egress traffic at interface 192.168.1.0/24 and use the same interface to send out the mirrored packets.

    192.168.1.0/24  mirror-src-ingress mirror-src-egress mirror-dst

    Example 2— Monitor ingress and egress traffic at interface 192.168.1.0/24 and use the interface 192.168.2.0/24 to send out the mirrored packets.

    192.168.1.0/24   mirror-src-ingress mirror-src-egress

    192.168.2.0/24   mirror-dst

  5. Save the file.
  6. To enable the third-party orchestration, a configuration file C:\ProgramData\Gvtap-agent\gigamon-cloud.conf needs to be created with the following contents:

    Registration:
    	groupName: <Monitoring Domain Name>
    	subGroupName: <Connection Name>
    	user: <username>
    	password: <password>
    	remoteIP: <controller list IP addresses separated by comma>
    	remotePort: 8891
  7. To restart the Windows G-vTAP Agent, perform one of the following actions:
    • Restart the VM.
    • Run 'sc stop gvtap' and 'sc start gvtap' from the command prompt.
    • Restart the G-vTAP Agent from the Windows Task Manager.

You can check the status of the G-vTAP Agent in the Service tab of the Windows Task Manager.

Note:  You must edit the Windows Firewall settings to grant access to the gvtap process. To do this, access the Windows Firewall settings and find “gvtapd” in the list of apps and features. Select it to grant access. Be sure to select both Private and Public check boxes. If “gvtapd” does not appear in the list, click Add another app... Browse your program files for the gvtap-agent application (gvtapd.exe) and then click Add. (Disclaimer: These are general guidelines for changing Windows Firewall settings. See Microsoft Windows help for official instructions on Windows functionality.)