Filters:

  • Technologies

  • Instructors

  • How to get Wireshark to work with Microsoft Windows Server 2012 R2

    I am a long time user of WireShark and I frequently use it for demonstrations in my networking classes. I recently upgraded my instructor workstation and WireShark stopped working. It would start, but then hang. When I checked Task Manager, a process called dumpcap.exe was not responding and like in the movies, hard to kill. Let me share what I did to restore functionality and my sanity.

    My first attempts involved uninstalling and reinstalling, with reboots before and after. This did not resolve the issue. I then tried going ever further back into the archives of old versions of WireShark. This also failed miserably. I tried running WireShark in compatibility modes for previous version of Windows – to no avail. Enough about the failures, here’s to success!

    I will list exactly what I did but there may be steps that are unnecessary for you. Feel free to modify these steps if you wish. First, I uninstalled WireShark (and WinPcap 4.1.3, the latest at the time of this writing) and rebooted. I then downloaded WinPcap 10. It downloaded as an .msi file, which I installed. Then I downloaded the latest version of WireShark (version 2.2.2). When I installed WireShark, I made sure NOT to select the installation of WinPcap 4.1.3. The install completed successfully and I was able to run WireShark and capture packets again.

    You may also like:  Error code 0xE0000100 while installing Windows Server 2012 R2

    Here is a screenshot proving success!

    This may work with other versions of Windows (Windows 10, for example) but I have not personally tried it out. Once MY machine worked I was happy. Hopefully, if someone else is experiencing this same pain with their previously working WireShark, these steps will help.

    Until next time….

    Mark Jacob
    Cisco and CompTIA Network + Instructor – Interface Technical Training
    Phoenix, AZ

    Share your thoughts...

    Please fill out the comment form below to post a reply.