Today I needed to install winpcap and Wireshark on Windows Server Core 2008 R2. So, here is how I finally accomplished this.
- Install WireShark on your local box (x64 only).
- Get the winpcap.dll and packet.dll from your Windows\System32 directory and copy it to the new core server in the same location.
- Download and install Network Monitor 3.4 (Microsoft’s Wireshark) on the Server Core server. (This installs the necessary Network Card Driver)
- Now install Wireshark on the core server. WinPcap installation will fail.. That is ok.
- cd to Program Files\Wireshark
- run Wireshark.exe
That is about it. I have it up and running on my Server Core box. Hope this helps someone else!
It is actually wpcap.dll, but the instructions did not work anyway
Copy Packet.ddl & wpcap.dll from BOTH \Windows\system32 & \Windows\SysWOW64 from a WORKING Server 2008 R2
(on which WinPcap_4_1_2.exe was installed) to corresponding folders on Server Core 2008 R2
Copy nfp.sys to Windows\System32\drivers on Server Core
Download http://sourceforge.net/projects/winpe/files/WinPcap%20Library/WinPcap%20Library%20v1.4%20-%20wpcap%20v4.0.0.755%20%284.0%29/winpcap-1.4.cab/download
as per http://reboot.pro/10285/ and install npf.sys driver service with npf_mgm.exe -i (it is in the .cab file) on Server Core
Now you have working Wireshark on Server Core
Thank you for the extra information!
I’ll test that when I get some time.